Facebook announced that it will give $500 bounty for people who report bugs on its site. This is much less than the bug rewards offered by other internet companies such as Microsoft and Google. Facebook posted on the Security Bug Bounty page that the reward is to show appreciation for security researchers who find security bugs in the social network site. 
To qualify for the reward, the person must report the security glitch. The bug should be native to Facebook and not in third party apps. The disclosures of the bug must be responsible and should give the company enough time before reporting the bug to the public. Security researchers have the knack of reporting their finds on blogs to warn the users about it.
$500 is just the base of the bounty but it is small compared to what other companies have to offer. Google pays $3,000, Microsoft pays $250,000 and Mozilla pays $3,000. Tipsters who report illegal use of unlicensed software to the Business Software Alliance can get up to $1 million.
Reporting Facebook bugs can help upcoming security researchers make a name for themselves in the security community. The reward might be smaller but bounty programs can lead to a good relationship with other members of the security community.
No comments:
Post a Comment