Facebook Raises Payment For Its Bug Bounty Program

Kumari Shrivastav - Oct 17, 2019


Facebook Raises Payment For Its Bug Bounty Program

Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities.

On Tuesday, Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities. It has also been upgrading several of its security and protection initiatives.

According to the company's blog posts, it would provide more ways for security researchers to help them detect and disclose flaws in third-party sites and apps integrating with the social network.

facebook-bug-bounty-program-1

As stated by Dan Gurfinkel, the engineering security manager at Facebook, researchers are now not limited to just "passively observing the vulnerability."

That means if authorized by the third party, they can test these apps actively to detect security issues, Facebook stated. So instead of finding bugs by observing an app's traffic, security researchers now look into how a third-party app can abuse user data.

Gurfinkel also said, "This alteration dramatically increases the security research’s extent which our bug hunters network can impart to us and take remunerated for this when they discover possible vulnerabilities in outsider websites and apps."

facebook-bug-bounty-program-2
Bug hunters can now test third-party apps if authorized

The lowest amount of a bug is Rs 35,682 and will change depending on how severe the bug is. Besides, researchers are required to show proof that they got authorized by the third party to conduct tests.

In September 2018 saw the first announcement for Facebook’s bug bounty program which aimed at how users' personal data could get leaked via unreliable developers that the company cannot control.

The Cambridge Analytica scandal last year marked the first red flags of privacy concerns from third-party apps for Facebook. Developers created Facebook apps to harvest data for Cambridge Analytica researchers, which threatened user privacy and caused potential political interference.

Security researcher, in April, discovered a Facebook open database that a media firm harvested using an app on the platform.

Bug bounties allow Facebook to broaden the search for data-harvesting apps though it already has a security group for the task. In March last year, the social giant first expanded its own bug bounty program and began considering such apps to be security flaws.

facebook-bug-bounty-program-3
Facebook expands its bug bounty programs after the scandal in 2018

Not only Facebook but also Apple has been revamping bug bounty programs with the highest offer of $1 million for high-level hacks. Rather than abusing flaws, security researchers now search for flaws and bugs that hunters could take advantage of and get remunerated for informing the company.

The bounty often rises in accordance with the rarity of the bug. Often, native code bugs are harder to find as they are hidden deep in the service; therefore, the social network decided to increase the reward for them.

facebook-bug-bounty-program-4
The valuable reward of thousands of dollars for successful hacks

The whole bug payout with a bonus of Rs 10.7 lakh will be given to researchers finding and reporting a zero-click flaw in the Messenger app on iOS if they can provide a proof-of-concept to it, said Facebook. This type of flaws is rare since they don't need to interact with users to affect them.

In November, there will be Pwn2Own Tokyo -  a hacker meeting, where the company said it would bring its hardware so that hackers can discover vulnerabilities. In March, Tesla showed a car in Pwn2Own Vancouver and fortunate hackers gained it alongside a reward of Rs 24.98 lakh.

A reward of Rs 42.8 lakh and Rs 28.5 lakh are offered for effective hacks of Facebook Portal Device and Oculus Quest, respectively.

Next Story

Read more

This Robot Can Grow, Twist, And Turn As Needed

Features- Nov 11, 2019

This Robot Can Grow, Twist, And Turn As Needed

While possessing flexibility, the robot does not sacrifice its rigidness as it can work with heavy loads

Unsinkable Ships Are Now Possible, Thanks To These New Metals

Features- Nov 11, 2019

Unsinkable Ships Are Now Possible, Thanks To These New Metals

These metals can repel water so well that it can stay afloat no matter how much it is damaged or how hard you try to push it down

How To Reset AirPods Pro And AirPods

How To- Nov 11, 2019

How To Reset AirPods Pro And AirPods

Sometimes, you will find yourself unable to reset the device by just holding down the button. In this case, we have another method you can follow.

Millions Of Ants Trapped Inside A Soviet Nuclear Bunker Still Survived

Features- Nov 12, 2019

Millions Of Ants Trapped Inside A Soviet Nuclear Bunker Still Survived

In the early 2010s, some volunteers started visiting these bunkers to monitor the bat population in winter and what they found were millions of wood ants.

Facebook Allows You To Shut Down Annoying Alerts

ICT News- Nov 12, 2019

Facebook Allows You To Shut Down Annoying Alerts

This will make Facebook users feel better when they don't have to keep an eye on distracting notifications.

Twitter Uses Emojis To Help Avoid Mindless Re-Tweeting

ICT News- Nov 11, 2019

Twitter Uses Emojis To Help Avoid Mindless Re-Tweeting

This is expected to lead to considered debates, rather than endless wars on Twitter.