Microsoft and Facebook Launch Internet Bug Bounty Scheme
Written by Sue Gee   
Thursday, 07 November 2013

Microsoft and Facebook are jointly sponsoring a new initiative to improve the security of the Internet stack by offering cash for discovering security holes.

 

 

Recently Google announced cash rewards to developers who contribute to improving the security of the open source software underpinning the Internet and now a new website hackerone.com has been launched with rewards of $5,000 for disclosing Internet vulnerabilities or for Sandbox Escapes and $300 to $1,500 for bug in other software that supports the Internet stack.

hackeroneopts

 

 

$5,000 is set as the minimum bounty for Internet hacks that are judged by the panel of security experts to meet the following requirements:

  • Be widespread: vulnerability manifests itself across a wide range of products, or impacts a large number of end users.
  • Be vendor agnostic: vulnerability is present in implementations from multiple vendors or a vendor with dominant market share.
  • Be severe: vulnerability has extreme negative consequences for the general public.
  • Be novel: vulnerability is new or unusual in an interesting way.

The panel, which has volunteers from ISEC, Etsy and Google (a Chrome expert) as well as Microsoft and Facebook representatives, can award higher amounts at their discretion.

As this is a cash rewards program it cannot make payouts to residents of countries against which the US has trade restrictions or export sanctions, such as Cuba, Iran, North Korea, Sudan, and Syria. Although, due to the Children’s Online Privacy Protection Act, it can't pay children under 13 directly it suggests those 12 or younger to claim bounties through a parent of legal guardian. If hackers wish to remain anonymous bounties can be paid to a charity.  

For more details about what is required to qualify for sandbox escapes and submission details for all the bounties on offer. see hackerone.com. And if you want to start earning rewards sign up there.

 hackeroner1

More Information

hackerone.com

Related Articles

Google Offers Cash For Security Patches

Bounty Hunter Awarded $100,000

Microsoft Offers $100,000 For Novel Exploits

Facebook's White Hat VISA Card

Bribe Devs To Improve Open Source Software

 

To be informed about new articles on I Programmer, install the I Programmer Toolbar, subscribe to the RSS feed, follow us on, Twitter, Facebook, Google+ or Linkedin,  or sign up for our weekly newsletter.

 

blog comments powered by Disqus

 

Banner


Update: The Next Version Of PHP And The Status Of PHPng
30/07/2014

UPDATED If the current version of PHP is 5.x, what should the next version be called? Obviously it should be 6.x. Why then is there a proposal that it should be 7.x? And as PHPng gets ever faster [ ... ]



Project Kotlin Moves On
16/07/2014

The team behind Project Kotlin has a new milestone release, an open source website and new documentation.


More News

Last Updated ( Thursday, 07 November 2013 )
 
 

   
RSS feed of news items only
I Programmer News
Copyright © 2014 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.