Are you a “good” hacker looking to make some extra cash? Pretty strange question I know, but if you fancy yourself a problem solver and enjoy finding loopholes and backdoors in internet security, then Microsoft and Facebook could use your help. These two powerhouse companies are teaming up to offer bounties on any security hiccups that may plague some of the core components that keep the web up and running. These key programs include things like PHP, Open SSL, Ruby, Apache, and a variety of other tools.
If this sounds familiar, it’s because Microsoft already offered a similar program, in which it paid out over $128,000 in bounties to individuals who helped discover issues in Windows 8.1. Facebook doesn’t have any experience offering bounties, but it did receive some negative press a while back after it was discovered that the social media giant ignored a security bug report. The security researcher who discovered the bug eventually took action by posting details about the issue directly to Facebook CEO Mark Zuckerburg’s wall.
This new bounty collaboration, dubbed HackerOne, will be made up of volunteers from Facebook, Microsoft, and even Google (although it doesn’t appear that Google is offering any monetary incentives). These volunteers will form a judging panel to help decide if entires are legitimate, as well as how much they’re worth. Cash values for discovered bugs start at $300 and stretch all the way up to $5000. There is a list of disclosure rules put into place to help keep your submissions safe and to ensure that bugs are disclosed safely and correctly.