Ever wondered what you could do in order to get a free Uber ride? Well, it appears that with a little luck and some coding know-how, anyone can take an Uber ride without paying any money. Recently, an online security researcher has identified a major vulnerability in Uber’s ride-handling application which potentially allowed clients to ride the cab for free indefinitely. Uber patched the issue and rewarded the online security expert with $5,000.
Uber is safe once again thanks to the efforts of a top-notch cybersecurity researcher who identified a vulnerability that has turned into a major financial disaster. For some time now, Internet users have been sharing information about how to ride free with Uber.
Although the perspective is rather tempting, taking into account that some of us don’t afford a car or are having trouble passing the driver’s license examination, it does seem a bit clandestine. Anand Prakash, the online security researcher who identified the loophole and alerted Uber declared that the method was so easy to reproduce that even one with no coding knowledge whatsoever could take advantage of it.
The security expert stated that you could potentially start riding for free right from the moment you decided to create an account. As Prakash pointed out, when creating an account, the user only has to change the payment method from cash or credit to an invalid one.
Moreover, the same thing can be achieved by compiling the source code and changing the payment method ID line to something random like ‘abc’ or ‘xyz’. Prakash wrote in his online security blog that with this simple method, he actually managed to book Uber rides for free in Indian and in the United States.
After discovering the vulnerability issue, Prakash contacted the company and told them about the ride-handling problem. Uber promptly fixed the issue, and, in return, reward the Indian online security researcher with $5,000 for his efforts.
It appears that Prakash has collaborated with many companies including Yahoo, Twitter, and Souq in order to discover and flag potential vulnerabilities. So, it’s safe to assume that the researcher earned a couple of thousand of dollars by pointing out a small error which can be exploited.
Meanwhile, Uber is trying to make a comeback, after suffering a couple of setbacks during the Muslim ban strike and the sexism scandal involving an ex-employee. So, you can now ride with your Uber driver without any concern that someone might be doing it for free.
Image source: Pixabay