Facebook paid US$611,741 to 149 researchers during first half of the year as part of its Bug Bounty program, and Indian researchers got the largest share of the bounty for finding flaws.
The first and second runners up in the program were the US and Mexico. Facebook however did not reveal the breakup of the bounty distribution for H1 2016.
“We received more than 9,000 reports in the first half of 2016… The top three countries based on the number of payouts were India, USA and Mexico,” Joey Tyson, a security engineer at Facebook, wrote in a blogpost.
A bug is an error in software program that causes it to malfunction. Conflicts in software often result in program malfunctioning as applications try to run in tandem. Facebook’s Bug Bounty program was launched in 2011, and since then the company has been rewarding researchers for reporting security bugs and vulnerabilities in the services or infrastructure of the Facebook as well as its acquired companies and products, including Instagram, Free Basics, Oculus, and Onavo. In the past five years, Facebook has paid more than US$ 5 million to over 900 researchers across the world. Earlier this year, the social networking giant revealed that that it has paid Rs 4.84 crore to researchers in India as part of the bug bounty program. India also ranks second in terms of Facebook’s userbase. There are about 155 million monthly active Facebook users and 77 million daily active users in the country.
“Launching and running a program of this size for five years is not easy — and we couldn’t have done it without the support of the broader security research community. In fact, we discovered many of the people now on our team through the community of researchers submitting reports.” Tyson wrote.
This year, Facebook has added WhatsApp to Bug Bounty program. The payment options have been expanded to include Bitcoin, and the payment process has been automated to make faster payments to researchers.
Facebook is planning to introduce more changes to the program by sharing more educational resources on security fundamentals and topics specific to Facebook products.
“Over the past few months, we’ve sought to better understand what researchers like about our program and where they’d like to see changes. Five years of experience has helped us refine and strengthen many aspects of our program, and we heard from researchers that they appreciate our rewards, triaging, and quick fixes. But researchers also gave us ideas about how to make our program even better, so we are making changes to better support our bug bounty community.” the blogpost said.
Facebook Bug Bounty Program
Facebook’s Bug Bounty Program was announced on July 29, 2011 to allow security researchers to report security holes on Facebook website. A minimum of $500 was to be paid as bounty to researchers.
“If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you,” Facebook’s Whitehat page for security researchers says.:
Later Facebook started issuing custom branded “White Hat” debit cards to pay researchers for finding and reporting security bugs. The White Hat debit cards can be reloaded with funds each time the researchers discover new flaws.
“Researchers who find bugs and security improvements are rare, and we value them and have to find ways to reward them,” Ryan McGeehan, former manager of Facebook’s security response team, told CNET in an interview.
“Having this exclusive black card is another way to recognize them. They can show up at a conference and show this card and say ‘I did special work for Facebook.'”
Story of Facebook
Facebook, headquartered in Menlo Park, California, U.S., is the largest social networking website in the world. The Facebook website was launched in 2004 by Mark Zuckerberg, along with fellow Harvard College students Andrew McCollum, Eduardo Saverin, Chris Hughes, and Dustin Moskovitz. Initially, the websites membership was limited to Harvard students, but it was later expanded to include higher education institutions in the Boston area, the Ivy League schools, and Stanford University. Since 2006, anyone aged 13 or above can register on the website.
By late 2007, there were 100,000 business pages on Facebook. These pages were created by companies to promote themselves and attract customers. On October 24, 2007, Microsoft revealed to have purchased a 1.6% share of Facebook for $240 million. Once year later, Facebook announced its plan to set up its international headquarters in Dublin, Ireland.
In July 2010, the company announced to have touched the milestone of 500 million users, making it the world’s largest online social network at the time. At that time, almost half of the Facebook users were using the site daily, for an average of 34 minutes (according to the company’s data).
According to SecondMarket Inc., Facebook’s value in November 2010 was $41 billion, making it the third largest American web company after Google and Amazon.
The initial public offering of Facebook was held in February 2012. Three months later, the company started selling stock to the public, and reached an original peak market capitalization of $104 billion. As of March 31, 2016, the social network had over 1.65 billion monthly active users, and it is now also the world’s most popular social networking site based on the number of active user accounts.
You must be logged in to post a comment.