The ChatGPT artificial intelligence has become very famous and has generated all kinds of controversies since its inauguration; however, the creators of the chatbot they continue to seek to fix security issues or limit the use of the tool for unethical purposes.
That is why OpenAI decided to launch a rewards campaign for those who manage to detect errors in ChatGPT. Users who detect errors must submit reports through the Bugcrowd cybersecurity platform.
The company explained what the idea is, the rules and their expectations. The first thing you read on the website is that “security is essential to the OpenAI mission. We appreciate the contributions of ethical hackers who help us maintain high standards of privacy and security for our users and technology.”
They go on to describe the rules and instructions for participating in the Open AI bounty program.
How to participate in the Open AI rewards?
– Report immediately on discovered vulnerabilities.
-Refrain from violating privacy, disrupting systems, destroying data, or damaging the user experience.
-Use OpenAI’s Bugcrowd program for communication related to vulnerabilities.
-Keep vulnerability details confidential until released by the OpenAI security team, which aims to provide authorization within 90 days of receipt of the report.
-Test only in-scope systems and honor out-of-scope systems.
-Do not access, modify or use data belonging to others, including OpenAI confidential data.
-If a vulnerability exposes such data, stop testing, submit a report immediately, and delete all copies of the data.
-Interact only with your own accounts, unless authorized by OpenAI.
-The disclosure of vulnerabilities to OpenAI must be unconditional.
-Do not engage in extortion, threats, or other tactics to obtain a response under duress.
How much does OpenAI pay to find the bugs?
The Bugcrowd page breaks down how payments would be made based on the bugs found; because they would not all have the same value: the lowest payments will be $200 and, if the importance of the vulnerabilities found is more serious, the value will increase until a maximum payment of $6,500.
The rewards include payments of 500, 1,000 and 2,000 dollars; but, there is a payment of $20,000, for “exceptional discoveries”. These payments would be with failures in the system that endanger the company or cause possible millions in losses.