Facebook and Microsoft join forces to make the Internet a safer place
The Internet Bug Bounty program is the latest initiative that can be used by hackers, security experts and anyone with time on their hands to reap rewards by uncovering security problems.
This time, however, it is not an individual app or website that's the subject of the program, but the entire Internet. It is a wide-reaching program which has the backing of Facebook and Microsoft; both companies with a vested interested in making the Internet safer.
Offering a minimum bounty of $5,000 for the discovery of a vulnerability, the IBB relies on input from anyone willing to lend a hand:
Some of the most critical vulnerabilities in the Internet's history have been resolved thanks to efforts of researchers fueled entirely by curiosity and altruism. We owe these individuals an enormous debt and believe it is our duty to do everything in our power to demonstrate how much this research is appreciated. To that end, the Internet Bug Bounty Panel will award public research into vulnerabilities with the potential for severe security implications to the public. Simply put: hack all the things, send us the good stuff, and we'll do our best to reward you.
In order to qualify for a payout, vulnerabilities that are discovered have to meet a few criteria including being widespread and affecting multiple websites or services. Vulnerabilities must also be unique, previously undiscovered and be considered severe.
There are other aspects to the program which involve looking for vulnerabilities in various technologies such as Ruby, PHP and Python. The rewards on offer vary depending on the severity and type that is discovered. Bounty hunters from around the globe are welcome to take part, but there are a couple of understandable restrictions in place:
Because we're based in the United States, we aren't able to pay bounties to residents or those who report vulnerabilities from a country against which the United States has trade restrictions or export sanctions (such as Cuba, Iran, North Korea, Sudan, and Syria). Minors are welcome to participate in the program. However, the Children's Online Privacy Protection Act restricts our ability to collect personal information from children under 13, so you will need to claim your bounties through your parent or legal guardian if you are 12 or younger.
So, if you're a hacker looking to help the online world be a safer place, don your philanthropic hat and get to work!