Facebook Raises Payment For Its Bug Bounty Program

Kumari Shrivastav - Oct 17, 2019


Facebook Raises Payment For Its Bug Bounty Program

Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities.

On Tuesday, Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities. It has also been upgrading several of its security and protection initiatives.

According to the company's blog posts, it would provide more ways for security researchers to help them detect and disclose flaws in third-party sites and apps integrating with the social network.

facebook-bug-bounty-program-1

As stated by Dan Gurfinkel, the engineering security manager at Facebook, researchers are now not limited to just "passively observing the vulnerability."

That means if authorized by the third party, they can test these apps actively to detect security issues, Facebook stated. So instead of finding bugs by observing an app's traffic, security researchers now look into how a third-party app can abuse user data.

Gurfinkel also said:

Capture

facebook-bug-bounty-program-2
Bug hunters can now test third-party apps if authorized

The lowest amount of a bug is Rs 35,682 and will change depending on how severe the bug is. Besides, researchers are required to show proof that they got authorized by the third party to conduct tests.

In September 2018 saw the first announcement for Facebook’s bug bounty program which aimed at how users' personal data could get leaked via unreliable developers that the company cannot control.

The Cambridge Analytica scandal last year marked the first red flags of privacy concerns from third-party apps for Facebook. Developers created Facebook apps to harvest data for Cambridge Analytica researchers, which threatened user privacy and caused potential political interference.

Security researcher, in April, discovered a Facebook open database that a media firm harvested using an app on the platform.

Bug bounties allow Facebook to broaden the search for data-harvesting apps though it already has a security group for the task. In March last year, the social giant first expanded its own bug bounty program and began considering such apps to be security flaws.

facebook-bug-bounty-program-3
Facebook expands its bug bounty programs after the scandal in 2018

Not only Facebook but also Apple has been revamping bug bounty programs with the highest offer of $1 million for high-level hacks. Rather than abusing flaws, security researchers now search for flaws and bugs that hunters could take advantage of and get remunerated for informing the company.

The bounty often rises in accordance with the rarity of the bug. Often, native code bugs are harder to find as they are hidden deep in the service; therefore, the social network decided to increase the reward for them.

facebook-bug-bounty-program-4
The valuable reward of thousands of dollars for successful hacks

The whole bug payout with a bonus of Rs 10.7 lakh will be given to researchers finding and reporting a zero-click flaw in the Messenger app on iOS if they can provide a proof-of-concept to it, said Facebook. This type of flaws is rare since they don't need to interact with users to affect them.

In November, there will be Pwn2Own Tokyo -  a hacker meeting, where the company said it would bring its hardware so that hackers can discover vulnerabilities. In March, Tesla showed a car in Pwn2Own Vancouver and fortunate hackers gained it alongside a reward of Rs 24.98 lakh.

A reward of Rs 42.8 lakh and Rs 28.5 lakh are offered for effective hacks of Facebook Portal Device and Oculus Quest, respectively.

Comments

Sort by Newest | Popular

Next Story

Read more

Have Your Face Printed On Masks For ₹ 60 At This Kerala Studio

Features- Jun 01, 2020

Have Your Face Printed On Masks For ₹ 60 At This Kerala Studio

According to Binesh G Paul, the photographer and owner of the studio, he had the idea when people at local stores did not recognize him with masks on

Like An Apocalyptic Movie: Swarms Of Locusts Invaded India

Features- Jun 01, 2020

Like An Apocalyptic Movie: Swarms Of Locusts Invaded India

Amid the COVID-19 outbreak and after the attack of Cyclone Amphan, India finds itself in another battle against locust swarms.

Best Phone Processor: Who Makes The Best Smartphone Chips?

Gadgets- May 31, 2020

Best Phone Processor: Who Makes The Best Smartphone Chips?

Best phone processor: What makes up a good phone processor? What companies are making phone processors? Which is the best chip? Let's find out.

Minors Broke Into Shop Stealing 20 Smartphones To Play PUBG With Friends

Features- Jun 01, 2020

Minors Broke Into Shop Stealing 20 Smartphones To Play PUBG With Friends

At the police station, the two minors admitted they are addicted to PUBG and wanted their friends to join the game

This Free App Lets You Stream VR P.o.r.n On PlayStation 4

Features- May 30, 2020

This Free App Lets You Stream VR P.o.r.n On PlayStation 4

Even though Sony has banned VR p.o.r.n on its PlayStation 4 consoles, a new way to do so has recently emerged

Best S.e.x Positions To Try Based On Your Zodiac Signs

Features- May 30, 2020

Best S.e.x Positions To Try Based On Your Zodiac Signs

If the sheer number of s.e.x positions to try overwhelms you, let us help with suggestions based on your zodiac signs