Ethical Internet hacker scoops £1,000 bounty
A Bangor University student recently scooped a £1,000 prize at a hackathon weekend in Russia. Jamie Woodruff, 21, a student at the School of Computer Science was invited to the Startup Weekend event in Moscow to do a live hack in front of around 1000 people. He was also a guest speaker at the event and gave a talk about cyber security. The Startup Weekend is a 56-hour hackathon where programmers, designers and entrepreneurs hacked up mind blowing websites, amazing apps, and incredible services in order to build fully functional businesses.
During the weekend, Jamie discovered privacy vulnerabilities in Facebook and the Russian social media platform VK.com. Facebook is part of a bounty programme, where companies pay ethical hackers like Jamie to find weaknesses in their software code to potentially earn bounties. Jamie won a bounty of £1,000, but has chosen to donate it to Hackaglobal, a community led non-profit organisation. Hackaglobal creates, fosters and connects communities of passionate programmers around the world.
About the event, Jamie said: “I was really excited to be invited to Russia, it’s one of many international events that I will be attending this year. Even though I’m dyslexic and dyspraxic, this just goes to show that anyone can do anything when they put their mind to it.”
Founder of HackaGlobal and organiser or the event, Alejandro Saucedo, said:
“Jamie is the best and most passionate ethical hacker I have ever met. He has the skills and knowledge to break into anything - literally, website, service, database, you name it. And yet, he chooses not to use these skills to harm others, but instead, to help by raising awareness and disclosing vulnerabilities confidentially. With such a passion towards security, I'm certain that Jamie will go very far.”
Since Jamie won the Best Hack category at the Southampton Hackathon in April, he is now a Certified Penetration Engineer. This means that he tests company websites for vulnerabilities, where he pretends that he works for a company, and then attempts to gain as much information from that company or website within a short timeframe and then puts recommendations to the company on how to fix these weaknesses.
So far this year, Jamie has managed to find vulnerabilities in banking platforms and has been accredited for this on their websites. https://www.simple.com/policies/website-security.
Next up, Jamie will be participating at a prestigious London event amid speakers such as Boris Johnson and Lord Alexander Carlile. He'll be performing a live hack on stage at the ‘Legislating for LulzSec’ event - a discussion on privacy, data & policy for the digital economy.
The event, hosted by Innotech, will focus on the reoccurring questions of digital skills in terms of cyber hacking, privacy, and the future of governments interference of citizens’ data.
Due to his success at these events, Jamie has been recognised by various corporations, he is currently sponsored by Varcity Living, IT Security Experts and Core Security. This sponsorship helps Jamie with computer equipment and with travel expenses etc to take part in hackathons across the UK and beyond.
Publication date: 2 October 2014