Tuesday, September 6, 2011

[IT4Dev] Get paid from Facebook. The company is encouraging users to try to break through security systems - then report it - then get cash

Facebook says it has paid out £24,500 in three weeks to hackers who have discovered security flaws in the social network.

One of the hackers, or "White Hats" as Facebook calls them, has already earned over £4,000 for spotting six issues and reporting them.

Another bagged a £3,000 reward for identifying one particularly serious problem.

The payments are being made through Facebook's new "bug bounty" scheme, which invites all users to offer information about undiscovered security holes in return for cash.

Facebook admits it has received plenty of bogus reports since launching the scheme but says it is not deterred.

"We realise [...] that there are many talented and well-intentioned security experts around the world who don’t work for Facebook," said Joe Sullivan, the company's chief security officer.

"Over the years, we have received excellent support from independent researchers who have let us know about bugs they have found."

He went on: "We established this bug bounty programme in an effort to recognise and reward these individuals for their good work and encourage others to join."

Mr Sullivan said Facebook had been surprised at how quickly "White Hats" from all around the world had responded to the call for information.

"Facebook truly does have the world's best neighbourhood watch programme," he said.

While some Facebook users are making money from the bug bounty scheme, not all believe it goes far enough.

It does not cover the thousands of third-party games and applications that use the site, even though web security firms warn that these pose a bigger threat than the main network.

Mr Sullivan conceded the programme could not be extended to applications due to the size of the task.

Other users suggested that if Facebook stopped constantly rolling out new features, it would have fewer flaws to correct.

--
Posted By Chief Editor to IT4Dev on 9/06/2011 07:16:00 AM
