We all are aware that Facebook has money but did you know they spend money?  Facebook said that they have paid more than $40,000 to people who have uncovered bugs on its website in the first three weeks of its “Bug Bounty” program.

The Bug Bounty program is a program that Facebook launched at the end of last month as a way to compensate people who find and report bugs that might otherwise go unfixed or be exploited by malicious hackers.  Some bug hunters have reported of making up to $500 per bug while others reported up to $7,000.  If you ask me, that’s a lot of money just to report a bug.  I wish I knew about this to hop on and make some easy cash.

One bug reporter has reported that they were paid $5,000 for “one really good report.”  Another bug reported getting paid $7,000 for six different issues.  Joe Sullivan says the following:

On the other end of the spectrum, we’ve had to deal with bogus reports from people who were just looking for publicity.

Joe does not specify how man bugs have been reported.

Many people have asked Facebook over and over again if they could extend the bounty program to cover third-party applications and web sites that are part of the Facebook Platform.  Joe Sullivan’s response was the following:

Unfortunately, that’s just not practical because of the hundreds of thousands of independent Internet services implicated, but we do care deeply about security on the Platform.  We have a dedicated Platform Operations team that scrutinizes these partners and we frequently audit their security and privacy practices.  Additionally, we have built a number of backend tools that help automatically detect and disable spammy or malicious applications.

If you knew about the Bug Bounty program, would you have tried to get on the list?  I know for a fact I would have!  Do you agree with Facebook in having this program?  Leave your thoughts in the comment section.

[via TechJohnson]