{"id":90,"date":"2018-05-04T14:09:40","date_gmt":"2018-05-04T14:09:40","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/28928\/We-Need-Bug-Bounties-For-Bad-Algorithms.html"},"modified":"2018-05-04T14:09:40","modified_gmt":"2018-05-04T14:09:40","slug":"we-need-bug-bounties-for-bad-algorithms","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/","title":{"rendered":"We Need Bug Bounties For Bad Algorithms"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/video-images.vice.com\/articles\/5ae8cf769ffa400006a2957d\/lede\/1525212550925-shutterstock_457668592.jpeg?crop=1xw:0.8439609902475619xh;center,center&amp;resize=1200:*\" class=\"ff-og-image-inserted\"\/><\/div>\n<p><a href=\"http:\/\/amitelazari.com\/\" target=\"_blank\"><em>Amit Elazari Bar On<\/em><\/a> <em>is a doctoral law candidate (J.S.D.) at<\/em> <a href=\"https:\/\/www.law.berkeley.edu\/\" target=\"_blank\"><em>UC Berkeley School of Law<\/em><\/a> <em>and a<\/em> <a href=\"https:\/\/cltc.berkeley.edu\/\" target=\"_blank\"><em>CLTC<\/em><\/a> <em>(Center for Long-Term Cybersecurity) Grantee, Berkeley School of Information, as well as a member of<\/em> <a href=\"https:\/\/afog.berkeley.edu\/\" target=\"_blank\"><em>AFOG<\/em><\/a> <em>, Algorithmic Fairness and Opacity Working Group at Berkeley. On 2017, Amit was a<\/em> <a href=\"https:\/\/ctsp.berkeley.edu\/\" target=\"_blank\"><em>CTSP<\/em><\/a> <em>Fellow.<\/em><\/p>\n<p>We are told opaque algorithms and black-boxes are going to control our world, shaping every aspect of our life. They warn us that without accountability and transparency, and generally without better laws, humanity is doomed to a future of machine-generated bias and deception. From calls to <a href=\"http:\/\/www.hup.harvard.edu\/catalog.php?isbn=9780674368279\" target=\"_blank\">open-the-black box<\/a> to the <a href=\"https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=3126971\" target=\"_blank\">limitations of explanations of inscrutable machine-learning models<\/a>, the regulation of algorithms is one of the most pressing policy concerns in today\u2019s digital society.<\/p>\n<p>Rising to the challenge, <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/xw4xdw\/new-york-city-algorithmic-bias-bill-law\" target=\"_blank\">regulators<\/a>, <a href=\"https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=3015350\" target=\"_blank\">scholars<\/a>, and <a href=\"https:\/\/ainowinstitute.org\/aiareport2018.pdf\" target=\"_blank\">think-tanks<\/a> have begun devising legal, economic, and technical mechanisms to foster fairness, accountability, and transparency in algorithmic decision-making. From anti-trust, <a href=\"https:\/\/lawreview.law.ucdavis.edu\/issues\/49\/4\/Lecture\/49-4_Balkin.pdf\" target=\"_blank\">fiduciary laws<\/a> to <a href=\"https:\/\/www.gwlr.org\/wp-content\/uploads\/2018\/04\/86-Geo.-Wash.-L.-Rev.-1.pdf\" target=\"_blank\">tort<\/a> and <a href=\"http:\/\/www.californialawreview.org\/wp-content\/uploads\/2016\/06\/2Barocas-Selbst.pdf\" target=\"_blank\">anti-discrimination<\/a> laws, academic journals are getting filled by innovative regulatory mechanisms to hold decision-makers and \u201cevil\u201d corporations accountable.<\/p>\n<p>This is great but, the discussion is still missing a critical part: While policymakers devise better laws to hold the people behind bad algorithms accountable, those who are actually best positioned to uncover the operations of bad algorithms are risking legal liability. Currently, US anti-hacking laws actually prevent algorithm auditors from discovering what\u2019s inside the black-box and report their findings. What we need is not just better laws\u2014we need a market that will facilitate a scalable, crowd-based system of auditing to uncover \u201cbias\u201d and \u201cdeceptive\u201d bugs that will attract and galvanize a new class of white-hat hackers: algorithmic auditors. They are the immune system for the age of algorithmic decision-making.<\/p>\n<p>Algorithmic auditors are a growing discipline of researchers specializing in computer science and human-computer interaction. They employ a variety of methods to tinker with and uncover how algorithms work, and their research has already sparked public discussions and regulatory investigations into the <a href=\"https:\/\/www.propublica.org\/article\/machine-bias-risk-assessments-in-criminal-sentencing\" target=\"_blank\">most dominant and powerful<\/a> algorithms of the Information Age. From <a href=\"https:\/\/www.ftc.gov\/system\/files\/documents\/public_comments\/2015\/09\/00011-97592.pdf\" target=\"_blank\">Uber<\/a> and <a href=\"http:\/\/social.cs.uiuc.edu\/papers\/eslami-ICWSM17-CameraReady.pdf\" target=\"_blank\">Booking.com<\/a> to <a href=\"https:\/\/cbw.sh\/static\/pdf\/fp039-hannak.pdf\" target=\"_blank\">Google<\/a> and <a href=\"http:\/\/social.cs.uiuc.edu\/papers\/pdfs\/Eslami_Algorithms_CHI15.pdf\" target=\"_blank\">Facebook<\/a>, to name a few, these friendly auditors already uncovered bias and deception in the algorithms that control our lives.<\/p>\n<p>Yet, there is a catch. Effective algorithmic auditing often requires techniques such as <a href=\"http:\/\/www-personal.umich.edu\/~csandvig\/research\/Auditing%20Algorithms%20--%20Sandvig%20--%20ICA%202014%20Data%20and%20Discrimination%20Preconference.pdf\" target=\"_blank\">\u201csock-puppet\u201d[ing] or scraping<\/a> that raise legal difficulties, as a recent decision coming out from the <a href=\"https:\/\/www.aclu.org\/news\/judge-allows-aclu-case-challenging-law-preventing-studies-big-data-discrimination-proceed\" target=\"_blank\">DC district court exposed<\/a>. In fact, algorithmic auditors and security researchers have much in common when it comes to dealing with US anti-hacking law\u2019s murky landscape. In both disciplines, the law is <a href=\"https:\/\/www.ischool.berkeley.edu\/sites\/default\/files\/cybersec-research-nsf-workshop.pdf\" target=\"_blank\">ill-equipped<\/a> and undermines vital research efforts that our society desperately needs, <a href=\"https:\/\/cdt.org\/insight\/report-taking-the-pulse-of-hacking-a-risk-basis-for-security-research\/\" target=\"_blank\">and legal threats are on the rise<\/a>. In both disciplines, still, the law allows corporations to prevent researchers from doing their job. Yet, while the barriers might be similar, the markets for security \u201cbugs\u201d and bias \u201cbugs\u201d are very different.<\/p>\n<p>In security, industry was able to create a <a href=\"https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=3161758\" target=\"_blank\">vibrant market for white-hat hacking using contracts<\/a>, in which companies pay millions to external researchers instead of suing them (generally). These bug bounty programs incentivize researchers to conduct security research and report security bugs in exchange for monetary and reputational rewards, fueling research on a multitude of platforms, paying millions to tens of thousands of friendly hackers, and keeping the data of billions of users (more) secure.<\/p>\n<p>From <a href=\"https:\/\/www.google.com\/about\/appsecurity\/reward-program\/\" target=\"_blank\">Silicon Valley giants<\/a> to the <a href=\"https:\/\/www.defense.gov\/News\/Article\/Article\/802828\/carter-announces-hack-the-pentagon-program-results\/\" target=\"_blank\">Department of Homeland Security<\/a>, bug bounties <a href=\"https:\/\/www.bugcrowd.com\/2018-predictions-it-takes-a-crowd\/\" target=\"_blank\">are exploding<\/a>, and a new trend of <a href=\"https:\/\/newsroom.fb.com\/news\/2018\/04\/data-abuse-bounty\/\" target=\"_blank\">Privacy bug bounties is emerging<\/a>. Indeed, friendly hackers, are also an important part of the <a href=\"https:\/\/www.ted.com\/talks\/keren_elazari_hackers_the_internet_s_immune_system\" target=\"_blank\">internet immune system<\/a>, and even <a href=\"https:\/\/www.justice.gov\/criminal-ccips\/page\/file\/983996\/download\" target=\"_blank\">regulators and government agencies are recognizing that as well<\/a>.<\/p>\n<p>And yes, this legal market for external crowd-based security and privacy research is operating <em>within<\/em> the current boundaries of the law\u2014with no legal reform in the horizon. But in artificial intelligence, while calls for algorithmic fairness and accountability are rising, auditors are facing liability under outdated laws. They risk getting cease-and-desist letters for their meaningful contribution towards an \u201copen-box\u201d society.<\/p>\n<p>From this paradoxical reality the idea to create a market and legal framework that incentivizes scalable crowd-based auditing of algorithms, involving users and auditors alike emerges. In other words, we need to employ the immune system approach existing in security, for algorithms as well.<\/p>\n<p>Introducing, the \u201cAlgorithmic Bug Bounty.\u201d This is a framework that applies Linus Law (\u201cgiven enough eyeballs, all bugs are shallow\u201d) to algorithmic bias and deception, harnessing legal, reputational, and monetary incentives to create a market for \u201cbias bugs,\u201d <a href=\"https:\/\/ainowinstitute.org\/aiareport2018.pdf\" target=\"_blank\">free from capture and corporate corruption<\/a>. Indeed, this bug bounty program is geared towards users as well. Users are not just passive subjects of algorithmic decision-making, but sometimes they operate as agents of change, by <a href=\"http:\/\/social.cs.uiuc.edu\/papers\/ICWSM17-PrePrint.pdf\" target=\"_blank\">reporting potential fairness or deceptive \u201cbugs.\u201d<\/a> If we want to hold decision makers accountable, we need better enforcement, and enforcement means auditing. Only a market solution could scale crowd-based auditing of algorithms in the private sector.<\/p>\n<p>Yes, admittedly it will take years until we establish a similar set of monetary and market incentives to foster algorithmic auditing, as we now finally have for security vulnerabilities.<\/p>\n<p>It will take years until our laws and our society create a reality where a \u201cbias bug\u201d is as costly as a massive data breach. Laws will need to change. Intermediaries similar to hackers\u2019 platforms, that will enable small and mid-size businesses to adopt algorithmic bug bounties into their institutions will need to emerge. Best practices and standards will need to be written, and we might start with programs with no incentives (akin to <a href=\"https:\/\/resources.sei.cmu.edu\/asset_files\/SpecialReport\/2017_003_001_503340.pdf\" target=\"_blank\">Coordinated Vulnerability Disclosure<\/a> programs) or \u201cprivate\u201d Algorithmic Bug Bounties, where only a handful of external researchers are invited to test the system. It takes time to build a market.<\/p>\n<p>Still, if there is one thing to be learned from decades of technological developments it&#8217;s that it \u201ctakes a crowd,\u201d a community, to affect change. The sooner we embrace that, the better we will be able to truly \u201copen the black box\u201d.<\/p>\n<p><em>The author would like to thank Keren Elazari, Christo Wilson and<\/em> <em>Motahhare Eslami.<\/em> <em>These ideas will be explored in depth in a paper the author is working on: Amit Elazari Bar On, Christo Wilson and Motahhare Eslami, \u2018Beyond Transparency \u2013 Fostering Algorithmic Auditing and Research\u2019 (working draft to be presented at PLSC 2018).<\/em><\/p>\n<p>Read More <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/28928\/We-Need-Bug-Bounties-For-Bad-Algorithms.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Read More HERE&#8230;<\/p>\n","protected":false},"author":1,"featured_media":91,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[123],"class_list":["post-90","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflawscience"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-04T14:09:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1125\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"thadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@thadmin\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"thadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/\"},\"author\":{\"name\":\"thadmin\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/b07e00649871a6dd150cd57b33f7db66\"},\"headline\":\"We Need Bug Bounties For Bad Algorithms\",\"datePublished\":\"2018-05-04T14:09:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/\"},\"wordCount\":1052,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/we-need-bug-bounties-for-bad-algorithms.jpg\",\"keywords\":[\"headline,flaw,science\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/\",\"name\":\"We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/we-need-bug-bounties-for-bad-algorithms.jpg\",\"datePublished\":\"2018-05-04T14:09:40+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/we-need-bug-bounties-for-bad-algorithms.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/we-need-bug-bounties-for-bad-algorithms.jpg\",\"width\":2000,\"height\":1125},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/we-need-bug-bounties-for-bad-algorithms\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw,science\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflawscience\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"We Need Bug Bounties For Bad Algorithms\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/b07e00649871a6dd150cd57b33f7db66\",\"name\":\"thadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"caption\":\"thadmin\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/thadmin\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/","og_locale":"en_US","og_type":"article","og_title":"We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-04T14:09:40+00:00","og_image":[{"width":2000,"height":1125,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg","type":"image\/jpeg"}],"author":"thadmin","twitter_card":"summary_large_image","twitter_creator":"@thadmin","twitter_site":"@threatshub","twitter_misc":{"Written by":"thadmin","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/"},"author":{"name":"thadmin","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66"},"headline":"We Need Bug Bounties For Bad Algorithms","datePublished":"2018-05-04T14:09:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/"},"wordCount":1052,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg","keywords":["headline,flaw,science"],"articleSection":["Packet Storm"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/","url":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/","name":"We Need Bug Bounties For Bad Algorithms 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg","datePublished":"2018-05-04T14:09:40+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/we-need-bug-bounties-for-bad-algorithms.jpg","width":2000,"height":1125},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/we-need-bug-bounties-for-bad-algorithms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw,science","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflawscience\/"},{"@type":"ListItem","position":3,"name":"We Need Bug Bounties For Bad Algorithms"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66","name":"thadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","caption":"thadmin"},"sameAs":["https:\/\/x.com\/thadmin"]}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/90","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=90"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/90\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/91"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=90"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=90"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=90"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}