Hackers Wanted, Says Facebook

Dennis Faas's picture

Mass popularity has made Facebook a target of hackers for years now.

In an effort to combat this problem, those behind the social network have issued a "bug bounty" program that offers monetary compensation to those who find vulnerabilities on the social networking website.

Many report problems with Facebook on personal blogs and other public forums anyways, in an effort to gain some semblance of prestige within the hacking community. But discussing these issues in public (and before the company has had a chance to address these concerns) puts even more users at risk.

Facebook Recruits White-Hat Hackers

Facebook plans to launch a new Whitehat hacking portal where so-called 'reputable hackers' can sign up for the program and report bugs for cash. The company is not the first to offer such a bounty for flaws, however.

Google last year began a similar campaign, paying hackers to uncover browser bugs. The response was so overwhelming that the program was eventually expanded later in 2010 to cover issues with other web properties as well. (Source: csoonline.com)

Since its initial launch, the bug bounty has helped Google find many programming errors, with most surfacing in lesser-known subsidiaries. As one spokesperson revealed in a recent email, "We (Google) are very happy with the success of our vulnerability reward program so far. We've already given out $300,000 and have seen a variety of interesting bugs." (Source: computerworld.com)

Hundreds Available for Bug Finds

While no set amount has ever been established, Google is believed to have paid out between $500 and $3,200 per issue, depending on the severity of the problem.

Facebook now plans to follow the "going rate" Google had established with their bug bounty program. Security-related issues (like cross-scripting flaws) will hold a base rate of $500. Significant flaws could net hackers even more money, but Facebook would not reveal exactly how much.

Rate this article: 
No votes yet