facebook pays for security loopholes
Last Updated : GMT 09:07:40
Egypt Today, egypt today
Egypt Today, egypt today
Last Updated : GMT 09:07:40
Egypt Today, egypt today

Facebook pays for security loopholes

Egypt Today, egypt today

Egypt Today, egypt today Facebook pays for security loopholes

London - Arabstoday

Facebook has spent $40,000 (£25,000) in the first 21 days of a program that rewards the discovery of security bugs. The bug bounty program aims to encourage security researchers to help harden Facebook against attack. One security researcher has been rewarded with more than $7,000 for finding six serious bugs in the social networking site. The program runs alongside Facebook's efforts to police the code it creates that keeps the social site running. A blog post by Facebook chief security officer Joe Sullivan revealed some information about the early days of the bug bounty program. He said the program had made Facebook more secure by introducing the networking site to "novel attack vectors, and helping us improve lots of corners in our code". The minimum amount paid for a bug is $500, said Mr Sullivan, up to a maximum of $5000 for the most serious loopholes. The maximum bounty has already been paid once, he said. Many cyber criminals and vandals have targeted Facebook in many different ways to extract useful information from people, promote spam or fake goods. It's hardly surprising that the service is riddled with rogue apps and viral scams” End Quote Graham Cluley Sophos Mr Sullivan said Facebook had internal bug-hunting teams, used external auditors to vet its code and ran "bug-a-thons" to hunt out mistakes but it regularly received reports about glitches from independent security researchers. Facebook set up a system to handle these reports in 2010 which promised not to take legal action against those that find bugs and gave it chance to assess them. Paying those that report problems was the logical next step for the disclosure system, he said. Graham Cluley, senior technology consultant at Sophos, said many other firms, including Google and Mozilla, run similar schemes that have proved useful in rooting out bugs. However, he said, many criminally-minded bug spotters might get more for what they find if they sell the knowledge on an underground market. He added that the bug bounty scheme might be missing the biggest source of security problems on Facebook. "They're specifically not going to reward people for identifying rogue third party Facebook apps, clickjacking scams and the like," he said. "It's those sorts of problems which are much more commonly encountered by Facebook users and have arguably impacted more people." Facebook should consider setting up a "walled garden" that only allowed vetted applications from approved developers to connect to the social networking site, he said. "Facebook claims there are over one million developers on the Facebook platform, so it's hardly surprising that the service is riddled with rogue apps and viral scams," he said.  

egypttoday
egypttoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

facebook pays for security loopholes facebook pays for security loopholes



 
 Egypt Today Facebook,egypt today facebook  Egypt Today Twitter,egypt today twitter Egypt Today Rss,egypt today rss  Egypt Today Youtube,egypt today youtube  Egypt Today Youtube,egypt today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

egypttoday egypttoday egypttoday egypttoday
egypttoday egypttoday egypttoday
egypttoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
egypttoday, Egypttoday, Egypttoday