MacNN Forums (
-   Tech News (
-   -   Microsoft, Facebook offer more cash bounties for web software bugs (

NewsPoster Nov 7, 2013 10:17 AM
Microsoft, Facebook offer more cash bounties for web software bugs
Microsoft is teaming up with Facebook to offer more bounties for bugs and flaws in software used to by a vast majority of websites. The Internet bug bounty, <a href="" rel='nofollow'>HackerOne</a>, sees the two companies paying cash prizes of between $300 and $5,000 in exchange for details for vulnerabilities in server-based software and frameworks such as <em>PHP</em>, <em>Ruby</em>, <em>Rails</em>, <em>OpenSSL</em>, and <em>Apache httpd</em>. <br />
<br />
Vulnerabilities submitted to the project will be judged by a panel from Facebook, Microsoft, Google, and others to not only verify the bug, but also the severity and the value of bounty to be provided to the submitter, with the panel also able to go higher than the stated maximum at its discretion. <br />
<br />
The project is "meant for those very, very severe bugs that would have dire consequence for the Internet if they were to get into the wrong hands," advised Facebook product security lead Alex Rice <a href="" rel='nofollow'>to</a> <em>Reuters</em>. While the three companies "are fierce competitors," Rice claims that the security teams don't have to follow the company's general lead and will help each other in cases such as these. "Our competition is the bad guys." <br />
<br />
Both Facebook and Microsoft offer their own bug reporting schemes. Microsoft has already paid out its maximum <a href=" day.updates/" rel='nofollow' target="_self" title="">award of $100,000</a> for a critical flaw in Internet Explorer, one which it has already patched. <a href="" rel='nofollow'>Facebook</a> offers just $500 for successful bugs, but earlier this year it was discovered that the company refused to pay out to a Palestinian submission after first dismissing it as a bug, and then claiming a violation of the site's Terms of Service.
All times are GMT -4. The time now is 09:02 PM.

Copyright © 2005-2007 MacNN. All rights reserved.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2016, vBulletin Solutions, Inc.

Content Relevant URLs by vBSEO 3.3.2