Facebook follows Google and Mozilla in rewarding hackers

Yesterday the Facebook chief security officer Joe Sullivan announced at Hack in the Box (Amsterdam) that Facebook will reward hackers for reporting security vulnerabilities.
Facebook will officially release its plans soon; this way the social networking site hopes that hackers will report their vulnerabilities in a responsible manner.

They already had a security hall of fame which can be found here.

The rewards are still unknown, but at Google and Mozilla you can get rewards ranging from $500 to $3.133,70. Facebook has a revenue of over $2.000.000.000 and over 600.000.000 users, so let's hope they will start rewarding better than Google and Mozilla.

Still, it's nowhere near the prices which you can get from, for example, ZDI, where you can get $25.000 plus paid travel and registration to attend DEFCON, Black Hat conferences, and Black Hat training in Las Vegas.

Also, I really hope they will improve the reporting process for vulnerabilities and response times; a lot of times the Facebook reporting process is what kept me back from reporting vulnerabilities to them.

It's not directly visible, but companies save a lot of money with these kinds of reward programs: hackers who are very capable of hacking your corporate servers may very likely be poor and would love to get some money out of their knowledge.
Paying for vulnerabilities is a great movement in the right direction and I hope a lot of companies will follow this great movement.

Hello, I am Jelmer, born in 1991, and I live in Holland. I met Fredrik and Mathias through the internet. You can contact me via email at jelmerdehen [ at ] hotmail [d0t] com, or you can chat with me on IRC.

4 Comments

  1. YoGem says:

    Like an "insurance"! Well, maybe it's not going to be so negative and at least this means that they are honest saying "Yes, we have great coders but... who knows!".

  2. Jelmer de Hen says:

    @YoGem everybody should think like that ;)

  3. Facebook will pay for bugs -- Niebezpiecznik.pl -- says:

    [...] decided to pay researchers who report bugs in its code to the site. More here [...]

  4. HACKERS HAVE TO EAT TOO; DO WHAT YOU ENJOY! « The Driven Class says:

    [...] I know I do!  And some companies – have you heard of Facebook, Google, or Mozilla? – will reward your mischievousness!  Don’t forget, just like CIA agents, there are well-paying careers in this [...]
