Hackers love a good challenge — and one that pays is even better.
Three weeks ago, Facebook announced that it would pay hackers to find the holes in its system. As of Monday, Facebook has dished out $40,000 to what it calls “independent researchers.”
According to a post on Facebook’s website by Joe Sullivan, Facebook’s chief security officer, the company launched this Bug Bounty Program to find the flaws in software that are there due to “software complexity, programming errors, changes in requirements, errors made in bug tracking, limited documentation or bugs in software development tools.” Facebook continues:
Because bug reports are often complicated and can involve complex legal issues, we chose our words carefully when announcing the program. Perhaps because of this, there have been several inaccurate reports about how the program works. For example, some stories said that the maximum payment would be $500, when in fact that is the minimum amount we will pay. In fact, we’ve already paid a $5,000 bounty for one really good report. On the other end of the spectrum, we’ve had to deal with bogus reports from people who were just looking for publicity.
. . .
At the end of the day, we feel great knowing that we’ve launched another strong effort to help provide a secure experience on Facebook. A bug bounty program is a great way to engage with the security research community, and an even better way to improve security across a complex technological environment. Facebook truly does have the world’s best neighborhood watch program, and this program has proven that yet again for us.
According to PC World, Facebook isn’t the only company looking for “independent researchers” to try their hand at hacking into its systems. Google and Mozilla have done it too. Google, for example, was so confident Chrome was solid that it offered hackers $20,000 to find the bugs.
[H/T PC World]