Friday 5 September 2014

Bug Bounty Program: Find Bugs and Get Rewards from Twitter

Bug Bounty Program
One of top online social networking giant- Twitter has launched their new “bug bounty program”. This programs aims at paying $140 to the volunteer security researchers who are able to report any bug or vulnerability in the website.

In order to recognize the work being done by volunteer or individual security researchers, the new program was launched. This program has been named as “HackerOne” and launched in partnership with the portal names HackerOne, which connects web security researchers with different companies. The ultimate aim is to encourage the efforts that are being put by these researchers for making Twitter safe for everybody. At the moment the minimum reward value has been set at $140 but there has not upper limit set for the maximum value. According to Twitter, the maximum reward will depend on the severity and kind of the bug that will be detected.

Twitter has set certain qualification parameters before the researchers can get their hands on the reward:
  • You should be the first person to report about any bug and you will not able to publicly disclose any information about the identified bug before Twitter has the opportunity to fix the bug.
  • You can't live in countries like; Cuba, Sudan, North Korea, Iran, or Syria because the national law of these countries prohibits Twitter to pay any rewards to the hackers.
  • As per the data available on the HackerOne website, 46 bugs have already been fixed by Twitter and nearly 44 hackers have been thanked for their efforts in identifying the bugs.
  • Twitter has been able to launch a wall of fame in which the researchers who were able to identify bugs and have been rewarded will be featured.
On the similar lines, Facebook had also launched a program in the year 2011 with the minimum rewards of $500. Market giants Google and Microsoft are also not behind; even they have similar reward programs. So if you are an individual security researcher and trying to select a particular platform for carrying out individual research, then probably Microsoft and Facebook’s reward will be more rewarding as they are ready to pay more for the service.

Twitter has been successfully able to put out the message to hackers to find bugs and get paid in return. Even though the reward might seem small but excellent hackers and researchers have got opportunity to find as many bugs as possible to get paid. This news has made a lot of amateur hackers and researchers in India happy as among the 44 hackers who have been thanked, 10 of them are Indians.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.