No bounty for this teenager bug hunter

“My curiosity knows no bounds. I’ve always wondered if it’d be possible to travel across the world for free,” says Kanishk Sajnani, who recently revealed in a blog post (https://medium.com/@kanishksajnani/how-i-could-have-travelled-the-world-for-free-5bb10ac46ae5) that he had, in November 2015, booked a business class ticket on Air India’s website from New Delhi to San Francisco for just one rupee. “When my friends got to know about the one rupee ticket, they were amazed and wanted me to book tickets for them too.”

The computer science student at L.J. College of Engineering in Ahmedabad didn’t actually travel on the ticket, but he did alert Air India officials to the ‘bug’ – technical loopholes on a website that can allow a potential user to manipulate it to his/her advantage. Air India’s wasn’t the only website the 21-year-old ethical hacker has managed to find bugs in. He’s also alerted Faasos, ClearTrip and SpiceJet to similar bugs on their web portals. Sajnani says he was prompted put out this information in a public domain earlier this month by news of massive leak of information of Zomato’s users’ email addresses and passwords to “acquaint people of the loopholes in various well-known companies that they rely on”.

Internationally, people like Sajnani, …read more