Week in Review: May 11, 2016

Canada: Popular Porn Company Partners with Hackerone to Pinpoint Security Vulnerabilities

Pornhub launched its own security bug bounty program. The company’s site attracts an average of 60 million visitors each day. In conjunction with Hackerone, Pornhub announced that its “bug bounty program is limited strictly to technical security vulnerabilities of Pornhub services listed in the scope. Any activity that would disrupt, damage or adversely affect any third-party data or account is not allowed.” As such, they forbid programmers from conducting Denial of Service attacks to reveal vulnerabilities in the site’s software. Many cybersecurity experts have pointed out that Pornhub did previously have a bounty program in place, but it was via invite only. This new bounty program promises to reward any individual, who pinpoints a vulnerability, even those who are not affiliated with the company. “Like other major tech players have been doing as of late, we’re tapping some of the most talented security researchers as a proactive and precautionary measure – in addition to our dedicated developer and security teams — to ensure not only the security of our site but that of our users, which is paramount to us,” said Corey Price, Vice President, Pornhub. Motherboard has published many articles on recent attempts to hack adult websites. It is unclear what exactly prompted Pornhub to launch its bug bounty program now, but in the past year, journalists found evidence to suggest that Hacking Team might have developed spyware that could affect Pornhub users.

India: Govt Opens Controversial Geospatial Information Regulation Bill to Public Comments

A new bill aims to “regulate the acquisition, dissemination, publication and distribution of geospatial information of India.” Netizens and cartographers alike have said that the bill would make it illegal to publish map-related information about India, without the permission of an Indian governmental agency. U.S. journalists have tried to decipher what repercussions the bill might have on Indian cartography if it is passed, but many questions remain. One expert speculated that the Geospatial Information Regulation Bill is an attempt to “rein in Google." One Indian official spoke to the Economic Times and stated, “We are not banning anyone from mapping India - only that the mapping has to be in line with Indian security considerations regarding sensitive installations and correct boundaries being depicted like not showing PoK [Pakistan Occupied Kashmir] and Arunachal Pradesh as out of India.” Another online newspaper added that the “Geospatial Bill is Bad News for Almost Every Startup in India." The draft bill is open for public comments until June 3, 2016.

Russia: