Facebook offers rewards to security bug hunters

WASHINGTON—Facebook began offering rewards of $500 or more on Friday to security researchers who identify vulnerabilities in the social network.

“To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs,” Facebook said in a blog post.

Security researchers who are the “first person to responsibly disclose” a bug that could “compromise the integrity or privacy of Facebook user data” would be eligible for a bounty of $500, Facebook said.

“Our security team will assess each bug to determine if it qualifies,” Facebook said.

The Palo Alto, California-based social networking titan said a typical bounty was $500 but it “may increase the reward for specific bugs.”

Facebook last month hired George Hotz, a celebrated hacker known as “GeoHot,” but has not disclosed what he is doing for the company.

Hotz was sued by Sony for hacking the Japanese company’s PlayStation 3 game console and is credited with being the first person to go public with a way to hack into an iPhone.

Read more...