James Delahunty
7 Nov 2013 16:04
Three of the biggest names on the web - and in business in general - are combining efforts to safeguard the Internet by offering cash rewards to hackers.
It is pretty standard in the industry now for tech firms to have bug bounty programs to entice white hat hackers to go bug hunting in their code. It fixes flaws that could be found by criminals and exploited in ways that could make their customers less safe, and their products less reliable.
The new Internet Bug Bounty has more ambition than just safeguarding some company's software, instead it seeks to find bugs that could threaten more damage to the Internet. The program is sponsored by Microsoft and Facebook, while a Google security expert who helped to develop the program will sit on a panel that evaluates submissions.
"We've selected some of the most important software that supports the internet stack, and we want you to hack it. If the public is demonstrably safer as a result of your contribution to internet security, we'd like to be the first to recognize your work and say "thanks" by sending some cash to you or your favorite non-profit," the program's webpage reads.
Cash rewards up to $5,000 are offered depending on where the bug is found and its consequences, but the cash reward can be increased if the panel sees reason to do so.
"It is meant for those very, very severe bugs that would have dire consequence for the Internet if they were to get into the wrong hands," said Facebook Product Security Lead Alex Rice.
"Even if we are fierce competitors... the security teams don't have to be competitors. Our competition is the bad guys," he added.
More Info: Internet Bug Bounty