openai bounty

By now we all know OpenAI, the company behind Chatgpt. Maybe you may have heard that the company paid Kenyan workers less than $2 an hour to filter through tens of thousands of lines of horrific text to help make its chatbot safer. Well, the  advanced artificial intelligence (AI) research company has now opened up its Bug Bounty Program, designed to incentivize individuals or groups to discover and report security vulnerabilities or bugs in OpenAI’s software systems, applications, or infrastructure.

What is the OpenAI Bug Bounty Program?

The OpenAI Bug Bounty Program is a program that rewards individuals or groups who discover and report security flaws or bugs in OpenAI’s systems. The program aims to help ensure the security and integrity of OpenAI’s technology and protect its users’ data. The rewards range from $200 to $6,500 per vulnerability, with a maximum reward of $20,000.

Also Read: Google Unveils Revamped Bug Bounty Program

How Effective is the Program?

According to the company, it has rewarded 14 vulnerabilities as of the time of this report. The average payout in the last three months is $1,287.50. The company claims that validation is done within about 2 hours; 75% of submissions are accepted or rejected within about 2 hours.

Also Read: Facebook Announces New Bonuses For Bug Bounty Hunters

Rules of Engagement

To ensure that the bug bounty program runs smoothly and that the company is protected, OpenAI has put some rules in place. Individuals or groups who want to participate in the program must follow these rules:

  1. You are authorized to perform testing in compliance with this policy.
  2. Follow this policy and any other relevant agreements. In case of inconsistency, this policy takes precedence.
  3. Promptly report discovered vulnerabilities.
  4. Refrain from violating privacy, disrupting systems, destroying data, or harming the user experience.
  5. Use OpenAI’s Bugcrowd program for vulnerability-related communication.
  6. Keep vulnerability details confidential until authorized for release by OpenAI’s security team, which aims to provide authorization within 90 days of report receipt.
  7. Test only in-scope systems and respect out-of-scope systems.
  8. Do not access, modify, or use data belonging to others, including confidential OpenAI data. If a vulnerability exposes such data, stop testing, submit a report immediately, and delete all copies of the information.
  9. Interact only with your own accounts, unless authorized by OpenAI.
  10. Disclosure of vulnerabilities to OpenAI must be unconditional. Do not engage in extortion, threats, or other tactics to elicit a response under duress. OpenAI denies Safe Harbor for vulnerability disclosure conducted under such circumstances.
AlSO READ:  TechCabal is Hiring in Kenya, South Africa and Nigeria

Also Read: Microsoft will Pay You Sh25 Million if You Can Find Bugs on Any of Their Products, Services or Devices

What is in Scope of the Bug Bounty Program?

The scope of the bug bounty program includes the following:

  1. API Targets
  2. ChatGPT
  3. Third-Party Corporate Targets
  4. OpenAI API Keys
  5. OpenAI Research Org
  6. Other OpenAI Targets include the OpenAI.com website, OpenAI Developer Documentation, Developer playground, any other Internet-facing infrastructure operated by OpenAI and not specified in another target and any other public cloud resources or infrastructure operated by OpenAI.

Also Read: Apple Will Pay You Sh160 Million if You Can Find a Bug on Any of Their Devices

Why Should You Participate?

OpenAI welcomes people to report vulnerabilities, bugs, or security flaws they discover in their systems. The company believes that “By sharing your findings, you will play a crucial role in making our technology safer for everyone.”

Participating in the bug bounty program is an opportunity to help protect OpenAI’s technology and the data of its users. It is also an opportunity to earn rewards for discovering and reporting security vulnerabilities or bugs.

Follow Techspace Africa on Facebook and Twitter. For the latest news, tech news, breaking news headlines, reviews and live updates check out tech-space.africa


Join us on Telegram
Nigel Jr.
As a tech enthusiast and expert, Nigel Jr. is dedicated to providing in-depth and insightful content on all things technology. With a background in online journalism, product reviewing, and tech creation, Nigel has become a trusted source for all things tech.

You may also like