The EU is Giving Out Bug Bounties for Open Source Projects by daan

View this thread on: hive.blog | peakd.com | ecency.com

open-source · @daan · Dec 31 '18

$2.36

The EU is Giving Out Bug Bounties for Open Source Projects

<center>![](https://cdn.steemitimages.com/DQmYyzGNYGrkytUMUQcS7M1Pn81hFzBQqDZW4hc5hawUUcJ/image.png)</center><center>[Source](https://www.deviantart.com/brent-ritztro/art/Simply-Open-Source-267461589)</center>

---

I've recently discovered through the [blog of Julia Reda](https://juliareda.eu/2018/12/eu-fossa-bug-bounties/) (Pirate Party European Parliament member), that the EU is funding bug bounties for open-source projects, starting mid-January 2019. 

Back in 2014, vulnerabilities were found in OpenSSL and this prompted [Julia Reda](https://juliareda.eu/me-for-you-in-europe/) & [Max Andersson](https://twitter.com/maxandersson?lang=en) to start an Open-Source software audit project called FOSSA. Through the first iteration of this project, two Open-Source project received security audits that were funded by the EU, [the Apache webserver and the KeePass password manager](https://juliareda.eu/2016/07/eu-audits-keepass-apache/).

Back in 2017, it was decided to add bug bounties to the scope of the FOSSA project and below you can see a list of projects for which bug bounties are available. In total, there's €851.000 in bug bounties to be earned and the amount of each individual bounty depends on the severity of the issue, together with the importance on the project. 

---

| Software Project                        |  Bug Bounty Amount (Euro)  | Start Date | End Date | Bug Bounty Platform          |
|----------------------------------|--------|------------|------------|--------------------|
| [Filezilla](https://filezilla-project.org/)                        | €58.000  | 07/01/2019 | 15/08/2019 | [HackerOne](https://www.hackerone.com/)          |
| [Apache Kafka](https://kafka.apache.org/)                     | €58.000  | 07/01/2019 | 15/08/2019 | [HackerOne](https://www.hackerone.com/)          |
| [Notepad++](https://notepad-plus-plus.org/)                        | €71.000  | 07/01/2019 | 15/08/2019 | [HackerOne](https://www.hackerone.com/)          |
| [PuTTY](https://www.putty.org/)                            | €90.000  | 07/01/2019 | 15/12/2019 | [HackerOne](https://www.hackerone.com/)          |
| [VLC Media Player](https://www.videolan.org/)                 | €58.000  | 07/01/2019 | 15/08/2019 | [HackerOne](https://www.hackerone.com/)          |
| [FLUX TL](https://joinup.ec.europa.eu/solution/flux-tl)                          | €34.000  | 15/01/2019 | 15/10/2019 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [KeePass](https://keepass.info/)                          | €71.000  | 15/01/2019 | 31/07/2019 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [7-zip](https://www.7-zip.org/)                            | €58.000  | 30/01/2019 | 15/04/2020 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [Digital Signature Services (DSS)](https://ec.europa.eu/cefdigital/wiki/pages/viewpage.action?pageId=46992515) | €25.000  | 30/01/2019 | 15/10/2019 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [Drupal](https://www.drupal.org/)                           | €89.000  | 30/01/2019 | 15/10/2020 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [GNU C Library (glibc)](https://www.gnu.org/software/libc/)            | €45.000  | 30/01/2019 | 15/12/2019 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [PHP Symfony](https://symfony.com/)                      | €39.000  | 30/01/2019 | 15/10/2019 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [Apache Tomcat](https://tomcat.apache.org/)                    | €39.000  | 30/01/2019 | 15/10/2019 | [Intigriti/Deloitte](https://www.intigriti.com/)|
| [WSO2](https://wso2.com/)                             | €58.000  | 30/01/2019 | 15/04/2020 | [Intigriti/Deloitte](https://www.intigriti.com/) |
| [midPoint](https://evolveum.com/midpoint/)                         | €58.000  | 01/03/2019 | 15/08/2019 | [HackerOne](https://www.hackerone.com/)          |
|                                  |        |            |            |                    |
| **TOTAL**                            | €851.000 |            |            |                    |

---

So, if you're currently already contributing to the Bug Hunting category on @utopian-io, you might also want to look into getting some of these bounties. You still have ample amount of time to prepare and you might discover some serious security flaws in your favourite Open-Source projects! 

### Featured image was made by [Brent-Ritztro](https://www.deviantart.com/brent-ritztro) and released under [CC-BY-SA 3.0](https://creativecommons.org/licenses/by-sa/3.0/)

### Data used in this article was originally gathered by [Julia Reda](https://juliareda.eu/me-for-you-in-europe/) and adapted by me (added totals). With permission. 

### Original Source: https://juliareda.eu/2018/12/eu-fossa-bug-bounties/

---

*This is **not** a submission for @utopian-io, though I have used the tag since the information presented here could be of use for Utopian contributors*

👍 steembasicincome, redes, partiko, steem-ua, grzesiekb, netzisde, qurator, helpie, slobberchops, thesteemengine, vander, violetmed, daan, backinblackdevil, d0zer, msp-lovebot, ethandsmith, isaria, novacadian, sbanerjee0017, eonwarped, chops.support, bigtom13, gomatthew, thethreehugs, crimsonclad, cpol, bozz, natubat, we-are-steemians, jasonshick, incinboost, accelerator, jmcgready, paulag, tattoodjay, roleerob, pundito, steemchoose, workin2005, tigerstripe, clayboyn, crocs-and-socks, dog-marley, filinpaul, elleok, blewitt, solikyl, musicvoter, catweasel, zipporah, tinypaleokitchen, mrfantastis, hakim12, whatsontrend, bububoomt, carrieallen, discordiant, onethousandwords, solominer, syfulcomet, silentscreamer, xrp.trail, calumam, and 89 others

properties (23)vote details (153)

voter	rshares	pct
mammasitta	192,298,667	0.05%
jmcgready	15,651,264,837	100%
daan	87,025,110,976	100%
elamental	279,928,036	1%
anarcho-andrei	553,967,942	2.7%
novacadian	44,205,634,966	25%
natubat	20,250,756,531	24%
clayboyn	5,837,099,038	7%
redes	727,252,819,538	14%
yadamaniart	586,868,012	1.39%
ethandsmith	53,240,311,305	15%
cpol	24,670,828,131	100%
gomatthew	31,991,316,788	100%
elviento	490,907,750	0.73%
thethreehugs	29,030,883,735	85.55%
isaria	46,552,455,502	10%
crimsonclad	27,294,904,635	6%
paulag	15,427,848,437	5%
jonmagnusson	142,463,324	0.5%
jayna	532,467,427	1.35%
catweasel	3,508,462,900	32%
violetmed	111,018,729,416	25%
discordiant	1,600,838,257	6%
tattoodjay	14,164,429,754	13%
msp-lovebot	61,812,842,697	10%
amymya	373,047,962	0.9%
ralph-rennoldson	305,851,043	0.33%
onethousandwords	1,363,333,195	40%
redrica	1,172,442,846	1.98%
jasonshick	18,866,298,791	5%
theleapingkoala	132,858,670	0.69%
vander	113,577,009,542	100%
alalahamed	518,544,958	100%
boontjie	79,213,693	2.78%
accelerator	15,657,201,575	1.1%
tinypaleokitchen	2,956,528,273	24%
trevorpetrie	1,043,796,365	9%
carrieallen	1,752,035,503	5%
roleerob	14,102,671,540	10%
melavie	169,101,073	1.8%
qurator	180,937,882,217	2.78%
art-mess	87,298,397	4.5%
panamapilgrim	380,065,266	100%
socent	675,021,510	15%
eonwarped	38,328,565,611	8%
pechichemena	613,341,093	1.8%
syfulcomet	1,286,847,057	100%
sonix	592,338,204	100%
kernelillo	91,365,826	4.5%
skycae	215,047,081	1.94%
helpie	158,742,242,178	9%
lisa-smisha	281,935,476	100%
filinpaul	5,159,736,104	100%
markaustin	315,511,489	5%
jezzica	635,288,332	100%
luisferchav	337,300,848	4.5%
steembasicincome	1,026,582,043,848	23.48%
soulturtle	191,450,287	1.8%
mountainjewel	128,330,568	0.18%
carpedimus	111,567,974	4.5%
gamsam	810,706,985	0.27%
calumam	1,183,077,360	40%
grzesiekb	245,286,083,681	100%
bengy	854,040,816	4%
bennettitalia	367,229,102	2.25%
apanamakid	331,379,716	64%
magpielover	89,470,951	100%
workin2005	9,070,014,867	100%
thesteemengine	151,705,269,118	80%
grizzle	212,342,365	1%
lunaticpandora	542,981,417	1.2%
silentscreamer	1,267,659,566	4.5%
warpedpoetic	287,566,495	1.35%
hazem91	307,250,505	1.8%
bigtom13	32,763,672,936	30%
d0zer	71,758,972,042	100%
nwjordan	249,543,385	2.08%
verhp11	163,295,685	1%
pundito	12,557,736,907	100%
bozz	21,511,209,351	40%
mindtrap	1,003,284,763	0.45%
zipporah	3,075,757,095	1.8%
balcon07	404,747,092	100%
siomarasalmeron	493,032,868	4.5%
backinblackdevil	83,463,958,737	15%
mrfantastis	2,882,179,246	100%
redheadpei	218,334,020	5%
spawnband	165,520,000	1.8%
foxyspirit	378,492,885	1.8%
musicapoetica	70,803,424	8%
solikyl	3,548,677,564	50%
derangedvisions	724,503,359	2.25%
elleok	4,770,453,019	34%
veckinon	222,210,406	4.5%
gbg	251,539,800	50%
javicuesta	187,418,729	9%
solominer	1,361,492,372	4.5%
musicvoter	3,526,719,761	1%
slobberchops	152,075,635,080	25%
netzisde	198,442,816,415	100%
kbr	173,283,320	2.25%
free-reign	134,087,342	4.5%
shookriya	98,208,744	1.99%
bububoomt	1,884,167,907	100%
smarmy	314,228,799	1.39%
vividessor	127,241,264	1.39%
stepanslobodyan	513,201,567	100%
numberjocky	112,749,615	1.39%
klaudiuszkrl	512,813,469	100%
tigerstripe	8,619,750,730	15%
borndead05	513,654,665	100%
blewitt	4,136,513,177	0.9%
sbanerjee0017	43,133,233,916	50%
partiko	289,557,050,214	3%
rubydetails	512,997,460	100%
evasivepike	512,682,453	100%
rjet	96,322,661	100%
cheekedrad	512,813,504	100%
nonrespond	512,710,290	100%
lillywilton	811,002,165	20%
dog-marley	5,267,254,439	100%
barleycorn	227,639,507	1.39%
samakovgor	513,708,239	100%
hozainnochi	515,202,374	100%
creamssugar	513,668,139	100%
steemchoose	12,331,948,438	0.56%
hakim12	2,144,873,476	100%
xebeclist	513,351,805	100%
chops.support	37,474,373,151	45%
isabelpereira	276,585,778	1.39%
hornetmusic	75,308,540	50%
moskalenkoalexey	513,436,453	100%
rishhk	70,640,951	15%
affineclever	513,308,302	100%
trando	974,761,700	100%
whatsontrend	2,057,428,362	100%
veilmir	502,138,243	100%
steem-ua	275,787,085,863	2.27%
raoufwilly	130,323,697	2.7%
playbox	482,379,565	100%
steemitbuzz	91,065,053	1%
incinboost	18,690,571,266	7.44%
hdu	439,039,816	1%
steemexpress	826,879,426	1.62%
oh-high-mark	72,136,209	4.5%
butt-memes	217,330,677	4.5%
navinsirsat	532,767,593	100%
thereviews	394,240,324	100%
crocs-and-socks	5,446,452,118	1%
we-are-steemians	19,481,503,700	5.03%
blockmonster	328,056,961	30%
tony.montana	768,417,482	2.1%
xrp.trail	1,257,220,263	2%

@bozz · Jan 2 '19

$0.04

Wow, this is really cool and also a bit scary as I look at the list, I use a lot of those programs on a daily basis.  Glad that there is this initiative to get them secure!

👍 ethandsmith, thesteemengine

`author`	bozz
`permlink`	re-daan-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20190102t125838109z
`category`	open-source
`json_metadata`	{"tags":["open-source"],"app":"steemit/0.1"}
`created`	2019-01-02 12:58:45
`last_update`	2019-01-02 12:58:45
`depth`	1
`children`	0
`last_payout`	2019-01-09 12:58:45
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.033 HBD
`curator_payout_value`	0.010 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	172
`author_reputation`	2,233,470,735,904,856
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	77,756,117
`net_rshares`	78,835,336,159
`author_curate_reward`	""

properties (23)vote details (2)

voter	weight	wgt%	rshares	pct	time
ethandsmith	0 B		59,727,823,819	15%
thesteemengine	0 B		19,107,512,340	10%

@partiko · Dec 31 '18

Thank you so much for participating the Partiko Delegation Plan Round 1! We really appreciate your support! As part of the delegation benefits, we just gave you a 3.00% upvote! Together, let’s change the world!

properties (22)

`author`	partiko
`permlink`	re-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20181231t143034
`category`	open-source
`json_metadata`	""
`created`	2018-12-31 14:30:36
`last_update`	2018-12-31 14:30:36
`depth`	1
`children`	0
`last_payout`	2019-01-07 14:30:36
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	210
`author_reputation`	39,207,160,334,751
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	77,664,460
`net_rshares`	0

@steem-ua · Jan 1 '19

#### Hi @daan!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your **UA** account score is currently 3.903 which ranks you at **#4094** across all Steem accounts.
Your rank has improved 77 places in the last three days (old rank 4171).

In our last Algorithmic Curation Round, consisting of 268 contributions, your post is ranked at **#57**.
##### Evaluation of your UA score:

* You're on the right track, try to gather more followers.
* The readers like your work!
* Great user engagement! You rock!


**Feel free to join our [@steem-ua Discord server](https://discord.gg/KpBNYGz)**

properties (22)

`author`	steem-ua
`permlink`	re-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20190101t004952z
`category`	open-source
`json_metadata`	"{"app": "beem/0.20.14"}"
`created`	2019-01-01 00:49:54
`last_update`	2019-01-01 00:49:54
`depth`	1
`children`	0
`last_payout`	2019-01-08 00:49:54
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	641
`author_reputation`	23,214,230,978,060
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	77,686,874
`net_rshares`	0

@tattoodjay · Dec 31 '18

$0.07

Thats a cool initiative that that provide funds to motivate people to work and find solutions ot these issues 

Wishing you and yours a Happy New Years and all the best for 2019

👍 ethandsmith, daan, thesteemengine

`author`	tattoodjay
`permlink`	re-daan-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20181231t160046659z
`category`	open-source
`json_metadata`	{"tags":["open-source"],"community":"steempeak","app":"steempeak"}
`created`	2018-12-31 16:00:48
`last_update`	2018-12-31 16:00:48
`depth`	1
`children`	2
`last_payout`	2019-01-07 16:00:48
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.050 HBD
`curator_payout_value`	0.015 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	178
`author_reputation`	2,565,278,576,103,826
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	77,669,344
`net_rshares`	119,710,948,208
`author_curate_reward`	""

properties (23)vote details (3)

voter	rshares	pct
daan	48,013,734,527	55%
ethandsmith	53,080,890,119	15%
thesteemengine	18,616,323,562	10%

@daan · Dec 31 '18

Happy NY for you too @tattoodjay!

properties (22)

`author`	daan
`permlink`	re-tattoodjay-re-daan-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20181231t162619393z
`category`	open-source
`json_metadata`	{"tags":["open-source"],"users":["tattoodjay"],"app":"steemit/0.1"}
`created`	2018-12-31 16:26:18
`last_update`	2018-12-31 16:26:18
`depth`	2
`children`	1
`last_payout`	2019-01-07 16:26:18
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	33
`author_reputation`	68,495,317,885,928
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	0
`post_id`	77,670,565
`net_rshares`	0

@tattoodjay · Dec 31 '18

Thanks Kindly :)

properties (22)

`author`	tattoodjay
`permlink`	re-daan-re-tattoodjay-re-daan-the-eu-is-giving-out-bug-bounties-for-open-source-projects-20181231t165546952z
`category`	open-source
`json_metadata`	{"tags":["open-source"],"community":"steempeak","app":"steempeak"}
`created`	2018-12-31 16:56:39
`last_update`	2018-12-31 16:56:39
`depth`	3
`children`	0
`last_payout`	2019-01-07 16:56:39
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	17
`author_reputation`	2,565,278,576,103,826
`root_title`	"The EU is Giving Out Bug Bounties for Open Source Projects"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	77,672,066
`net_rshares`	0

@thesteemengine · Jan 4 '19

Congratulations! This post has been chosen as one of the daily Whistle Stops for The STEEM Engine!

<center>[![](https://ethandsmith.com/wp-content/uploads/2017/12/commentSTEEMengine.jpg)](https://steemit.com/@thesteemengine)</center>

You can see your post's place along the track here: [The Daily Whistle Stops, Issue 358 (01/01/19)](https://steemit.com/curation/@thesteemengine/the-daily-whistle-stops-issue-358-01-01-19)

properties (22)