If you’re the kind of person who likes to tinker with smartphones in an effort to find bugs and security holes, you’re in luck. There are now two different OnePlus bug bounty programs available that have the potential to pay out big bucks to people who find problems within Oxygen OS.
The first OnePlus bug bounty program is run by the company itself. Named the OnePlus Security Response Center, the bounty program will pay out anywhere from $50 to $7,000 for each security bug researchers can find within Oxygen OS.
Best of all, anyone can report these security bugs. All you need to do is discover the OnePlus bug and then submit an online form describing the problem. You also need to show a proof-of-concept and the bug report needs to be original, i.e. not posted anywhere else online. You can find out more information on the bug submission process here (you must be signed in to a OnePlus account to see the page).
The second bounty program is not run by the company itself. Instead, it’s a partnership with a renowned hacker-powered security platform called HackerOne. This program is more exclusive in that not just anyone can work with HackerOne and start submitting bug reports. Select HackerOne researchers will test out OnePlus products for potential security threats in a private setting. However, a public version of this program will go live sometime in 2020.
OnePlus’ rollouts of Android 10 for the OnePlus 7, OnePlus 7 Pro, OnePlus 6, and OnePlus 6T, were a bit of a mess. The rollouts for all four phones started and stopped a few times due to various bugs and other issues. As of today, many OnePlus 6/6T owners still don’t have the update, despite the rollout officially starting at the beginning of November. These OnePlus bug bounty programs are a welcome announcement in light of these issues.