Remember Facebook’s Bug Bounty program, which was launched last year to reward researchers who find holes in the social network? Well, Facebook announced today that it will be expanding the scope of its Bug Bounty program. Not only are researchers invited to search for weaknesses in Facebook, but the infrastructure of the network itself. From the official Facebook page, possible weaknesses now include: Cross-Site Scripting, Cross-Site Request Forgery, Broken Authentication, Circumvention of Facebook’s Platform/Privacy permission models, Remote Code Execution, Privilege Escalation, and Provisioning Errors.
Like before, the minimum reward is $500, researchers must be the first to disclose the bug, and have to give Facebook a reasonable time to respond to their reports before going public with the information. Sounds fair enough, though I’m not too sure how much other companies are paying for these bug hunt expeditions. Read up more here.
- 2014-04-14: Google Picks Up Titan Aerospace Before Facebook Can
- 2014-04-14: Facebook Reportedly Working On An E-Money Service
- 2014-04-10: Facebook Makes Improvements To Reduce News Feed Spam
- 2014-04-10: FTC Clears Facebook/WhatsApp Deal, Must Honor Privacy Obligations
- 2014-04-09: Facebook To Remove In-App Messaging, Forces Users To Download Messenger App
- 2013-06-17: Facebook, Apple and Microsoft Give New Information On Government Data Requests
- 2013-05-02: Facebook Rolls Out 'Trusted Contacts' To Give Friends Power Over Your Account
- 2012-11-02: Facebook gets serious in educating its new users
- 2012-10-26: 1M Facebook User Emails Allegedly Purchased For... $5
- 2012-08-09: Facebook announces dedicated email address to report phishing scams