Microsoft and Facebook offer bounties to bug hunters

Author Topic: Microsoft and Facebook offer bounties to bug hunters  (Read 355 times)

Offline maruppharm

  • Hero Member
  • *****
  • Posts: 1227
  • Test
    • View Profile
Microsoft and Facebook offer bounties to bug hunters
« on: November 09, 2013, 01:07:34 PM »
Rivals Microsoft, Google and Facebook have joined forces to offers bounties to "friendly hackers" who can hunt down web bugs.

The tech giants have put their differences aside in pursuit of a "safer internet".

Dubbed Hackerone, the bug bounty programme offers cash rewards between $300 (£186) and $5,000 (£3,110) for discovering security holes.

The size of the reward will be determined by a panel of employees.

It may go higher if the discovery is deemed important enough.

Anyone is eligible to enter the competition, except those from countries with which the US has trade restrictions, such as Cuba, Iran, North Korea and Syria.

Children are also welcome to join in although they will need to claim their bounties from their parents.

The bounties will be paid by Microsoft and Facebook with Google supplying a member of staff to sit on the panel.

The team has suggested areas that people may want to look at.

It includes some of the key pieces of software that make the web work as well as offering a category simply labelled "the internet", which comes with a minimum bounty of $5,000.

Image flaw
Tech firms are stepping up efforts to battle hackers and ensure the internet is safer.

Microsoft has its own independent bounty programme and it recently raised the prize fund to $100,000.

The need for such bounty hunters was illustrated as Microsoft announced on the same day that a brand new security hole in Windows could allow criminals to get control of users computers via malware-injected image files.

The flaw means that anyone opening a malware-filled TIFF image could find malicious code installed on their computer without them knowing.

The bug is a so-called zero-day vulnerability, which means that it was not known about until real-life instances of attacks became apparent.
Md Al Faruk
Assistant Professor, Pharmacy