Facebook recruiting “bounty hunters” to root out bugs
Facebook has revealed that it has paid out £25,000 to outside ‘bug bounty hunters’ who can identify weaknesses and loopholes in the social networking site’s software which could be exploited by hackers.
The three-week project has unearthed a number of security flaws on the site, reported by skilled individuals and external security experts – including one individual who netted £4.3k for discovering six separate flaws.
It is the first formal invitation that Facebook has issued for others to investigate its code, an admission that in-house security alone is insufficient to police the millions of lines of code which comprise the world’s largest social networking site.
Joe Sullivan, Facebook’s chief security officer, said: “The program has also been great because it has made our site more secure – by surfacing issues large and small, introducing us to novel attack vectors, and helping us improve lots of corners in our code.”