More Cash For Internet Bug Bounty
More Cash For Internet Bug Bounty
Written by Alex Armstrong   
Tuesday, 25 July 2017

The Internet Bug Bounty, a program that exists to make the internet safer by catching more vulnerabilities in internet infrastructure and open source software has received $300,000 in new funding.

 

ibbanner

 

We reported on the Internet Bug Bounty (IBB) scheme when it was launched in 2013 by Microsoft and Facebook and hosted by HackerOne. While HackerOne still supports it, IBB now has its own website and GitHub and the Ford Foundation have now joined as sponsors of the scheme, each donating $100,000. Facebook has renewed its sponsorship with another $100,000.

 

ibbsposnors

 

The rationale for running the program, as explained in the IBB's FAQs, is: 

Our collective safety is only possible when public security research is allowed to flourish. Some of the most critical vulnerabilities in the internet's history have been resolved thanks to efforts of researchers fueled entirely by curiosity and altruism. We owe these individuals an enormous debt and believe it is our duty to do everything in our power to cultivate a safe, rewarding environment for past, present, and future researchers.

Among other salient facts about IBB are: 

  • The Internet Bug Bounty has rewarded 617K+ in bounties to 142 friendly hackers for uncovering 631 flaws that have helped improve the security of the Internet including: 
    ImageTragick ($7.5k), Heartbleed and Shellshock($20k). 
  • the program is administered by an independent panel of security experts from the community, which is responsible for defining the rules of the program and allocating bounties to where additional security research is needed most

  • 100% of the funding raised from sponsors goes to finders 

Announcing GitHub's donation, Shawn Davenport

explains that the new funding will be used to expand the scope of the IBB in two ways: a new Data Processing Program to:

"encompass numerous widespread data parsing libraries as these have been an increasing avenue for exploitation"

and an expansion of;

"coverage of technologies that serve as the technical foundation of a free and open Internet, such as OpenSSL."

One of the most high profile payouts by IBB was a $15,000 bounty  for the discovery of the Heartbleed flaw in 2014. It was made to Google Security Researcher Neel Mehta, who in turn donated his award to the Freedom of Press Foundation. Such generosity isn't unusual and, according to Shawn Davenport, $45,000 of hackers' bounties from IBB have been donated to organizations like the Electronic Frontier Foundation, Hackers for Charity, and Freedom of the Press Foundation. 

 

 ibb

 

More Information

Internet Bug Bounty

 

Related Articles

Microsoft and Facebook Launch Internet Bug Bounty Scheme

New Android Bug Bounty Scheme

Mozilla Increases Bug Bounty

Microsoft Bug Bounty Extends Scope

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.

 

Banner


Hour of Code 2017 Introduces App Lab
01/12/2017

It's the time of year when the world-class Hour of Code once more commences; just an hour for introducing coding to the uninitiated, having them complete self guided tutorials. But is a hour sufficien [ ... ]



Countdown to Xmas with Santa Tracker
03/12/2017

Santa Trackers, from Norad and Google have become part of the Christmas tradition and both of them have now started their countdown to Christmas Eve when Santa takes off from the North Pole to deliver [ ... ]


More News

 
 

 

blog comments powered by Disqus

Last Updated ( Thursday, 14 September 2017 )
 
 

   
RSS feed of news items only
I Programmer News
Copyright © 2017 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.