Facebook doles out $40,000 in 21 days for security bug hunt

By Shane McGlaun/Aug. 31, 2011 4:23 am EST

The Facebook Deals program didn't work out too well for the giant social network, but it looks like their bug hunt program is working out really well. Facebook is running a program that will pay security researchers and other folks that find bugs or flaws in the security of the social network and report them. The money paid out depends on the severity of the flaw found.

The payout runs from $500 for a minor bug up to $5,000 for a severe security issue. One researcher has apparently already racked up $7,000 in bounties for finding six different bugs in Facebook security. The program has been running for 21 days now and already Facebook has paid out $40,000 according to reports. That is a lot of bugs in security that have already been nailed by security pros.

The goal of the program is to make the code of the social network more secure and less prone to hacking by malicious types looking to exploit the wealth of information on users hidden inside. Facebook isn't alone in running a program that pays people to find and report security flaws. Apparently Sophos, Google, and Mozilla also run this sort of program and I am sure there are many more. The catch is that nefarious sorts might be able to make more money selling what they find to hackers than taking the offered bounty.

[via BBC News]