A new Facebook program that pays cash rewards to people who report security bugs on the social networking site doled out more than $40,000 in its first three weeks. According to a post published Monday by Facebook Chief Security Officer Joe Sullivan, researchers in 16 different countries have collected the bounties, which can …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Tuesday 30th August 2011 03:41 GMT Mark 65

Security

“We feel great knowing that we've launched another strong effort to help provide a secure experience on Facebook,” Sullivan wrote.

Pity that the main security issue is Facebook itself.

1 0
Tuesday 30th August 2011 04:05 GMT Anonymous Coward

I know a guy who got paid

It's funny, Facebook are paying for exploits but most of those reported are only the ones that are no use.

A guy I know is a huge Facebook spammer and earns quite a bit from tricking users (through XSS, clickjacking etc) into installing apps, serving ads etc. He's been paid by Facebook for reporting a couple of XSS and an exploit relating to the mobile side of things.

However, the exploits he's reporting are just the ones he can't actually make money from. They may get an outdated browser to run some JS but 99% of the time its no good.

So it's kinda funny. Yes they're fixing bugs/exploits but only the ones that are no good to the spammers anyway!

0 1
1. Tuesday 30th August 2011 08:18 GMT Anonymous Coward
  
  Well...
  
  If I can make $20k from the exploit... why would I want to report it for the possibility of $5k?
  
  Not to mention, that it's rare to make money off of a *FaceBook* exploit... the money mostly in the external stuff at his point.
  
  1 0
2. Tuesday 30th August 2011 08:20 GMT Anonymous Coward
  
  Well...
  
  maybe you should tell your "friend" to stop and stop being such a dick. Then everyone's life would be better.
  
  The again, we need bottom feeding pondlife to make us feel better about ourselves in a least one area of life....
  
  2 0
3. Tuesday 30th August 2011 08:20 GMT Yag
  
  of course!
  
  Because you can get far more than 5K$ with an exploitable bug :)
  
  0 0
4. Tuesday 30th August 2011 08:20 GMT Anonymous Coward
  
  grass up
  
  Well grass him up and pocket $5k for yourself?
  
  2 0
Tuesday 30th August 2011 08:18 GMT Anonymous Coward

Anyone Else?

What's the betting that if Microsoft did this they would be skint in a week!

2 1
Tuesday 30th August 2011 09:55 GMT Anonymous Coward

I've got one

Facebook itself!!!

Now, how do I gets paid?

1 0