Saturday, April 21, 2012

Facebook Bug Bounty Program to Counter Possible Online Hacking Attacks - Computers - Security

Online hacking was perhaps the last thing on anybody's mind when Mark Zuckerberg unveiled the new Facebook Timeline during the 2011 annual Facebook f8 Conference, announcing it as a new autobiographical way of presenting your Facebook shared life. It would thus come as a bit of a surprise to many just what Facebook is doing to secure that.

In this era of high penetration of office automation and dependence on information, online hacking is an oft-used weapon that has been used to bring companies to their knees many a time. Facebook is using it for good, which really goes to show that the weapon isn't good or bad, it's who wields it. The concept of hiring ethical hackers to beef up security against online hacking wasn't invented by Facebook.

However, the scale on which they're pursuing this line of action is certainly on track to turn the majority-held negative perception of online hacking on its head. While Facebook has primarily been a programmer-driven company looking to hire the most brilliant coders, Facebook staff have long had 'hackathons' to find new ways of breaking Facebook's security measures by hacking techniques.

Considering Zuckerberg's own perception of himself as a hacker, it shouldn't come across as much of a surprise that Facebook has often been stated as being 'run by hackers', albeit in a humorous vein.

So what's new now? Now, Facebook are not just hiring coders who can hack. They've actually declared an online hacking free-for-all bounty hunting program calling out to freelance ethical hackers everywhere. Sounds very wild west, doesn't it; albeit the Hollywood sort where the good guys win and ride off into the sunset a lot richer than they were.

Facebook has, in the past, been vilified for allowing third-party applications to gather information from users and the phishing/lifejacking scams have not helped matters, but the site itself has so far not been compromised. So, while other major corporations, including financial institutions and credit card companies, are sending out emails warning their users that their accounts may have fallen to hacking, Facebook has managed to stay ahead of the maliciously motivated hacking thus far.

The recently launched Security Bug Bounty Program has essentially invited white hat hackers to help Facebook identify security holes and threats without fear of prosecution; on the contrary, they'd be rewarded! In case of a valid disclosure of a threat that could lead to the website falling to an online hacking attack, the contributor could make as much as $500 or even more depending on the significance of the bug. As of end August, as much as $1500 a day was going out to ethical hackers. Facebook's chief security officer Joe Sullivan has declared the program an emphatic success not only in terms of the vulnerabilities revealed but also enlightening Facebook management to "novel attack vectors" and unthought-of avenues of online hacking the site could fall to. Facebook is calling this practice of users revealing holes 'responsible disclosure'.

Of course, all it would take is one security breach for all this to change, but as of now, Facebook is sparing no expense to ensure online hacking stays away from its users. The battle between hackers and ethical hackers can be pretty much a game of hide-and-seek, with the spoils of online hacking at stake, and the bad guys have an edge in terms of the element of surprise. Also, being a user-oriented site that caters to the individual, the fact that a major online hacking attack on Facebook is yet to take place flies in the face of the fact that individual attacks do happen and continue to chip away at the quality of the user experience that Facebook is so proud of. After all, what would you care for the fact that the site hasn't been hacked if your own account has fallen victim to hacking?
