HP is launching a bug bounty program that will pay up to $10,000 for... printer exploits? It's true: you can earn a bundle of cash by hacking HP's printers, and perhaps one day we can rest easy with the knowledge we are one step ahead of these nefarious devices.
"As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up," said Shivaun Albright, HP's chief technologist of print security. Yes, that's a real job that exists, because we've foolishly added internet connectivity to every device on the planet, and one day our refrigerators and our printers will be used to destroy us all.
"HP is committed to engineering the most secure printers in the world," Allbright said.
HP is teaming up with Bugcrowd to vet submissions. Bugcrowd just released its 2018 State of Bug Bounty report, and in it the company notes a 21 percent increase in vulnerabilities discovered in endpoint devices (like connected printers) over the past year.
For the most part, this is not something home consumers have to fret over—the focus is on enterprise printers. The bigger headache for home users, related to printers, is that annoying 'low ink' notification when you know there is enough to print a document. You might recall the "Your Printer is a Brat" video from nearly a decade ago that even today hits a little too close to home.
As for the bug bounty program, award amounts start at $500. HP told ZDNet that it would consider paying awards to external researchers who discover bugs that have already been discovered internally. The company also said it eventually plans to extend the program to its PCs, but did not offer up a time frame. In the meantime, if you've ever daydreamed about taking your printer outside and beating it with a sledgehammer, now you can get paid for the pleasure (but by busting open its code, instead).
