Facebook hands out rewards to people who find bugs on its website
It's only around $500 a time but it's a start. However, DON'T go public before you tell the social network
To win a reward - described as a "bounty" - users must "give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research… Be the first person to responsibly disclose the bug… [and] report a bug that could compromise the integrity or privacy of Facebook user data."
Certain bugs may net a higher reward, only one bounty will be paid per bug. Third-party applications such as Farmville are not included in the programme , said Facebook
Charlie Miller, research consultant with security firm Accuvant who has been calling for Facebook to reward those who discovered bugs , told Computerworld: " "It's a great start,. Moving from paying zero to paying anything is probably the hardest hurdle for companies to get over."
But at PCMag.com, Sara Yin said Facebook's base reward of $500 "pales in comparison to what other companies offer, like Google's $3,000+, Mozilla's $3,000, and Microsoft's $250,000."
Cameron Camp, a researcher at San Diego antivirus firm ESET took the view, "It sounds like it's a potential recruiting tool with a little bit of a kicker to sweeten it for hackers to stay away from the 'dark side'."