- Video shows people harassing elderly Asian man while he collects cans Tuesday 6:23 PM
- Bob Iger steps down as Disney CEO, prompting conspiracy theories Tuesday 5:53 PM
- Bhad Bhabie threatens to kill Skai Jackson amid feud involving their moms Tuesday 4:51 PM
- Body camera shows officer boasting about arresting a 6-year-old Tuesday 3:58 PM
- Singer Duffy opens up about the rape, captivity that led her to stop singing Tuesday 3:51 PM
- Cynthia Nixon embodies feminist rage in viral video Tuesday 3:30 PM
- Samsung factory shuts down amid confirmed coronavirus case Tuesday 3:08 PM
- Bebe Rexha says she won’t be ‘imprisoned’ by bipolar disorder Tuesday 2:33 PM
- The ‘your music saved me’ meme celebrates the wackiest influences of our time Tuesday 2:20 PM
- This guy slapped his mom’s boobs for a TikTok and, honestly, it’s exhausting (updated) Tuesday 12:37 PM
- Jif peanut butter and Giphy have joined forces on how to pronounce ‘GIF’ Tuesday 12:19 PM
- This dad threw a 1-year HRT party for his trans son and the internet can’t get enough of it Tuesday 11:44 AM
- This petition wants Pornhub to be shut down for good Tuesday 11:03 AM
- Pete Buttigieg’s speech voice is suspiciously like Obama’s Tuesday 10:56 AM
- Exposé about Bernie staffer’s Twitter leads to his firing—and an online class war Tuesday 10:40 AM
Google researcher who discovered Heartbleed bug donates $15K reward
You can’t put a price on karma.
When it comes to online security, Neel Mehta puts his money where his mouse is.
The Google Security researcher boosted a fundraiser for online privacy tools past its $100,000 goal by donating the $15,000 reward he received for helping to expose the Heartbleed bug.
The Freedom of the Press Foundation launched the fundraiser in December to support encryption tools that journalists and others can use to protect digital communications.
“We are very grateful to Neel’s donation,” Trevor Timm, the Freedom of the Press Foundation’s executive director, told the Daily Dot in an email. “These encryption tools are incredibly underfunded and this money will go to making the Internet a safer and more secure place.”
— Trevor Timm (@trevortimm) April 9, 2014
Timm said Mehta went with the default option on the fundraiser’s page to divide his donation equally between four tools—the LEAP Encryption Access Project, Open WhisperSystems, the TAILS secure operating system and the Tor Project. Contributors also had the option to donate to the Foundation’s own SecureDrop, which allows whistleblowers to securely submit information to media organizations.
After “subtracting what the credit card companies take,” said Timm, the total amounts divided between each of the tools are as follows:
- Open WhisperSystems: $19,149.49
- TAILS: $22,351.05
- LEAP Encryption Access Project: $17,665.12
- Tor Project: $19,632.20
- SecureDrop: $14,403.08
Five percent of all donations ($6,286.28) went toward the foundation’s operating costs.
This is the fourth time since December 2012 that Freedom of the Press Foundation fundraisers have procured more than $100,000 for causes such as WikiLeaks and other journalistic organizations, and to hire a stenographer to produce transcripts of the trial of Chelsea Manning, then known as Bradley Manning, for the public.
It’s common for people who expose security flaws, often referred to as “white hat hackers,” to receive rewards for their work. In October, Microsoft paid $100,000 to British security researcher James Forshaw for uncovering a security bug in Windows 8.1.
A group called the Internet Bug Bounty, which offers cash to those who expose security flaws in software critical to the Internet’s existence, rewarded Mehta for catching the cause of Heartbleed—a problem with OpenSSL, a cryptographic protocol that secures data exchanged between websites and servers.
The minimum reward offered for finding a flaw with OpenSSL is $2,500, but Mehta received six times as much, presumably due to the severity of the bug he helped expose. Security guru Bruce Schneier called Heartbleed “a catastrophic bug” and said, “On the scale of 1 to 10, this is an 11.”
The 2-year-old bug is thought to have affected nearly two-thirds of the Web. If attackers were aware of the bug, which is still unclear, they could have stolen a frightening number of users’ login information from sites ranging from social networks to financial institutions.
Google has not yet responded to our request for an interview with Mehta.
Photo by perspec_photo88/Flickr (CC BY-SA 2.0)
Fran Berkman is a technology reporter whose work for the Daily Dot focused on cryptocurrencies and internet freedom. In April 2017, he joined BuzzFeed as the deputy director of news curation.