Facebook offers bounty to bug hunters
Facebook wants to give you $500. But first you have to help the social network locate flaws in its infrastructure.
Facebook wants you to crush the bugs plaguing its online infrastructure – and it is willing to pay you a substantial amount of cash if you can. In an open letter published today, Facebook reps invited researchers to pick through its site, and look for errors that "could compromise the integrity or privacy of Facebook user data," including scripting flaws and "remote code injections." Your reward? Somewhere in the neighborhood of $500.
In order to qualify for the bounty, users will have to abide by the Facebook "Responsible Disclosure" agreement, which asks researchers to "give [Facebook] a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research," etc.
Translation: If you find a problem with Facebook, let Facebook know, and give them time to fix that problem, instead of taking the problem straight to the court of public opinion. To help corral all these bug reports, Facebook is creating a portal for so-called White Hat researchers; as an incentive, Facebook has posted the names of folks who have already registered a "responsible" disclosure.