Everybody loves a free cab ride. But if the system were giving out unlimited free rides that would be a very bad news for the ride-hailing service.
Anand Prakash, an Indian security engineer, prevented potential heavy losses for Uber by pointing out a bug in their system that would have allowed anyone to take unlimited free rides on Uber. Uber, in turn, rewarded Prakash with $5,000.
Prakash is a renowned white-hat hacker who has become famous by pointing out security loopholes in several websites. He discovered the bug in the Uber system that would have enabled any hacker to make multiple ride requests to the system without making any payments. The hacker had to essentially place random characters in the payment field through the code to get such access.
The details of the bug and a video is available on Prakash’s blog post. Uber’s security team has fixed the bug now.