- Khloé Kardashian angers followers with a calorie-counting joke about True 5 Years Ago
- Spider-Man may no longer be part of the Marvel Cinematic Universe 5 Years Ago
- Robert De Niro’s company is suing ex-employee for binge-watching Netflix at work Today 4:41 PM
- Intentionally misgendering a character could get you banned from Borderlands 3 Today 4:06 PM
- Facebook pulls Trump re-election ad for targeting ‘strong women’ Today 4:03 PM
- Kamala Harris says she will restore net neutrality if elected Today 3:16 PM
- All 8 of the ‘Rocky’ movies, ranked Today 2:50 PM
- Everything you need to know about the Facebook conservative bias report Today 2:35 PM
- Study links emoji use to more sex Today 2:10 PM
- The chicken sandwich war is in full throttle on Twitter Today 1:47 PM
- Netflix’s ‘Sextuplets’ proves Marlon Wayans is no Eddie Murphy—or even Mike Myers Today 1:31 PM
- Facebook is finally rolling out its clear history tool Today 1:13 PM
- ‘Theater etiquette’ tweets surge after YouTuber cast in ‘Waitress’ Today 12:55 PM
- A GoFundMe for Eric Garner’s killer has raised more than $70,000 Today 12:49 PM
- YouTuber finds GoPro footage of man who drowned in 2017 Today 12:20 PM
Google researcher who discovered Heartbleed bug donates $15K reward
You can’t put a price on karma.
When it comes to online security, Neel Mehta puts his money where his mouse is.
The Google Security researcher boosted a fundraiser for online privacy tools past its $100,000 goal by donating the $15,000 reward he received for helping to expose the Heartbleed bug.
The Freedom of the Press Foundation launched the fundraiser in December to support encryption tools that journalists and others can use to protect digital communications.
“We are very grateful to Neel’s donation,” Trevor Timm, the Freedom of the Press Foundation’s executive director, told the Daily Dot in an email. “These encryption tools are incredibly underfunded and this money will go to making the Internet a safer and more secure place.”
— Trevor Timm (@trevortimm) April 9, 2014
Timm said Mehta went with the default option on the fundraiser’s page to divide his donation equally between four tools—the LEAP Encryption Access Project, Open WhisperSystems, the TAILS secure operating system and the Tor Project. Contributors also had the option to donate to the Foundation’s own SecureDrop, which allows whistleblowers to securely submit information to media organizations.
After “subtracting what the credit card companies take,” said Timm, the total amounts divided between each of the tools are as follows:
- Open WhisperSystems: $19,149.49
- TAILS: $22,351.05
- LEAP Encryption Access Project: $17,665.12
- Tor Project: $19,632.20
- SecureDrop: $14,403.08
Five percent of all donations ($6,286.28) went toward the foundation’s operating costs.
This is the fourth time since December 2012 that Freedom of the Press Foundation fundraisers have procured more than $100,000 for causes such as WikiLeaks and other journalistic organizations, and to hire a stenographer to produce transcripts of the trial of Chelsea Manning, then known as Bradley Manning, for the public.
It’s common for people who expose security flaws, often referred to as “white hat hackers,” to receive rewards for their work. In October, Microsoft paid $100,000 to British security researcher James Forshaw for uncovering a security bug in Windows 8.1.
A group called the Internet Bug Bounty, which offers cash to those who expose security flaws in software critical to the Internet’s existence, rewarded Mehta for catching the cause of Heartbleed—a problem with OpenSSL, a cryptographic protocol that secures data exchanged between websites and servers.
The minimum reward offered for finding a flaw with OpenSSL is $2,500, but Mehta received six times as much, presumably due to the severity of the bug he helped expose. Security guru Bruce Schneier called Heartbleed “a catastrophic bug” and said, “On the scale of 1 to 10, this is an 11.”
The 2-year-old bug is thought to have affected nearly two-thirds of the Web. If attackers were aware of the bug, which is still unclear, they could have stolen a frightening number of users’ login information from sites ranging from social networks to financial institutions.
Google has not yet responded to our request for an interview with Mehta.
Photo by perspec_photo88/Flickr (CC BY-SA 2.0)
Fran Berkman is a technology reporter whose work for the Daily Dot focused on cryptocurrencies and internet freedom. In April 2017, he joined BuzzFeed as the deputy director of news curation.