facebook pays for security loopholes
Last Updated : GMT 06:49:16
Arab Today, arab today
Arab Today, arab today
Last Updated : GMT 06:49:16
Arab Today, arab today

Facebook pays for security loopholes

Arab Today, arab today

Arab Today, arab today Facebook pays for security loopholes

London - Arabstoday

Facebook has spent $40,000 (£25,000) in the first 21 days of a program that rewards the discovery of security bugs. The bug bounty program aims to encourage security researchers to help harden Facebook against attack. One security researcher has been rewarded with more than $7,000 for finding six serious bugs in the social networking site. The program runs alongside Facebook's efforts to police the code it creates that keeps the social site running. A blog post by Facebook chief security officer Joe Sullivan revealed some information about the early days of the bug bounty program. He said the program had made Facebook more secure by introducing the networking site to "novel attack vectors, and helping us improve lots of corners in our code". The minimum amount paid for a bug is $500, said Mr Sullivan, up to a maximum of $5000 for the most serious loopholes. The maximum bounty has already been paid once, he said. Many cyber criminals and vandals have targeted Facebook in many different ways to extract useful information from people, promote spam or fake goods. It's hardly surprising that the service is riddled with rogue apps and viral scams” End Quote Graham Cluley Sophos Mr Sullivan said Facebook had internal bug-hunting teams, used external auditors to vet its code and ran "bug-a-thons" to hunt out mistakes but it regularly received reports about glitches from independent security researchers. Facebook set up a system to handle these reports in 2010 which promised not to take legal action against those that find bugs and gave it chance to assess them. Paying those that report problems was the logical next step for the disclosure system, he said. Graham Cluley, senior technology consultant at Sophos, said many other firms, including Google and Mozilla, run similar schemes that have proved useful in rooting out bugs. However, he said, many criminally-minded bug spotters might get more for what they find if they sell the knowledge on an underground market. He added that the bug bounty scheme might be missing the biggest source of security problems on Facebook. "They're specifically not going to reward people for identifying rogue third party Facebook apps, clickjacking scams and the like," he said. "It's those sorts of problems which are much more commonly encountered by Facebook users and have arguably impacted more people." Facebook should consider setting up a "walled garden" that only allowed vetted applications from approved developers to connect to the social networking site, he said. "Facebook claims there are over one million developers on the Facebook platform, so it's hardly surprising that the service is riddled with rogue apps and viral scams," he said.  

arabstoday
arabstoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

facebook pays for security loopholes facebook pays for security loopholes

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

facebook pays for security loopholes facebook pays for security loopholes

 



GMT 09:27 2017 Tuesday ,10 October

Macron takes EU reform push to Germany book fair

GMT 12:50 2017 Sunday ,03 December

Shiffrin bags first downhill win

GMT 10:33 2016 Friday ,08 April

Carter v Nonu as Racing eye Toulon's scalp

GMT 10:57 2017 Wednesday ,09 August

Iran's Rouhani names female VPs

GMT 11:21 2017 Monday ,20 February

Tunisian court tries suspects over violence charges

GMT 20:52 2017 Thursday ,30 November

Honeywell to maintain A380, B777 components for Emirates

GMT 02:36 2017 Thursday ,23 November

Casablanca’s president hails achievement

GMT 19:18 2017 Wednesday ,18 October

Investment sector attend Saudi Investment Initiative

GMT 07:08 2016 Tuesday ,28 June

Hodgson pays price for sorry England
Arab Today, arab today
 
 Arab Today Facebook,arab today facebook  Arab Today Twitter,arab today twitter Arab Today Rss,arab today rss  Arab Today Youtube,arab today youtube  Arab Today Youtube,arab today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

arabstoday arabstoday arabstoday arabstoday
arabstoday arabstoday arabstoday
arabstoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
arabstoday, Arabstoday, Arabstoday