Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Tech News > Microsoft, Facebook offer more cash bounties for web software bugs

Microsoft, Facebook offer more cash bounties for web software bugs
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Nov 7, 2013, 11:17 AM
 
Microsoft is teaming up with Facebook to offer more bounties for bugs and flaws in software used to by a vast majority of websites. The Internet bug bounty, HackerOne, sees the two companies paying cash prizes of between $300 and $5,000 in exchange for details for vulnerabilities in server-based software and frameworks such as PHP, Ruby, Rails, OpenSSL, and Apache httpd.

Vulnerabilities submitted to the project will be judged by a panel from Facebook, Microsoft, Google, and others to not only verify the bug, but also the severity and the value of bounty to be provided to the submitter, with the panel also able to go higher than the stated maximum at its discretion.

The project is "meant for those very, very severe bugs that would have dire consequence for the Internet if they were to get into the wrong hands," advised Facebook product security lead Alex Rice to Reuters. While the three companies "are fierce competitors," Rice claims that the security teams don't have to follow the company's general lead and will help each other in cases such as these. "Our competition is the bad guys."

Both Facebook and Microsoft offer their own bug reporting schemes. Microsoft has already paid out its maximum award of $100,000 for a critical flaw in Internet Explorer, one which it has already patched. Facebook offers just $500 for successful bugs, but earlier this year it was discovered that the company refused to pay out to a Palestinian submission after first dismissing it as a bug, and then claiming a violation of the site's Terms of Service.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 02:53 PM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2