one article is really interesting from Intel, saying that Intel Corp has announced the launch of its first bug bounty program, offering rewards up to $30,000 for hardware vulnerabilities. The program enlists white hats all over the globe to hunt for bugs in their software, firmware and hardware. Intel said, “We want to encourage researchers to identify issues and bring them to us directly so that we can take prompt steps to evaluate and correct them, and we want to recognize researchers for the work that they put in when researching a vulnerability.” Unsurprisingly, the harder a vulnerability is to mitigate, the more the chipmaker will pay. Intel said that it considers several factors when determining the severity of a vulnerability. The first step is to use the CVSS 3.0 calculator to compute a base score. The base score is then adjusted up or down based on the security objectives and threat model for the given product. For software, rewards can range up to $7,500; for firmware, up to $10,000; and for hardware, up to $30,000. Items that are not in the program scope include Intel Security (McAfee) products; third-party products and open source; and Intel’s web Infrastructure. Recent acquisitions also are not in-scope for the bug bounty program for a minimum period of six months after the acquisition is complete.