A new Facebook program that pays cash rewards to people who report security bugs on the social networking site doled out more than $40,000 in its first three weeks. According to a post published Monday by Facebook Chief Security Officer Joe Sullivan, researchers in 16 different countries have collected the bounties, which can …
“We feel great knowing that we've launched another strong effort to help provide a secure experience on Facebook,” Sullivan wrote.
Pity that the main security issue is Facebook itself.
I know a guy who got paid
It's funny, Facebook are paying for exploits but most of those reported are only the ones that are no use.
A guy I know is a huge Facebook spammer and earns quite a bit from tricking users (through XSS, clickjacking etc) into installing apps, serving ads etc. He's been paid by Facebook for reporting a couple of XSS and an exploit relating to the mobile side of things.
However, the exploits he's reporting are just the ones he can't actually make money from. They may get an outdated browser to run some JS but 99% of the time its no good.
So it's kinda funny. Yes they're fixing bugs/exploits but only the ones that are no good to the spammers anyway!
If I can make $20k from the exploit... why would I want to report it for the possibility of $5k?
Not to mention, that it's rare to make money off of a *FaceBook* exploit... the money mostly in the external stuff at his point.
Because you can get far more than 5K$ with an exploitable bug :)
maybe you should tell your "friend" to stop and stop being such a dick. Then everyone's life would be better.
The again, we need bottom feeding pondlife to make us feel better about ourselves in a least one area of life....
Well grass him up and pocket $5k for yourself?
What's the betting that if Microsoft did this they would be skint in a week!
I've got one
Now, how do I gets paid?