Though the big fishes of web like Facebook, Twiter, Google, Microsoft claim to offer a top-notch security to their users and keep on hiring the tech souls from all over globe to make sure that they deliver the best, the chances of security breakage, though very small, is always there. These big names have faced many such bugs in their services in past.
Sometimes it happens that crowd of top-notch engineers working in the big companies can’t detect the security vulnerabilities, that the experts not working in these companies do.
Same thing happened in July with the social networking giant Facebook, when two computer-security researchers in India discovered the Facebook’s webcam vulnerability. These two researchers naming Aditya Gupta and Subho Halder, are founders of consulting firm known as XY Security. After discovering the webcam vulnerability, they both immediately reported it to Facebook which led them to get reward of $2500 cash.
The big companies also know that there exist smart souls, outside their companies, which can detect such kinds of security vulnerabilities and other bugs. Facebook, Mozilla and Google are those companies that encourage or say challenge the outsiders to hack their products. Therefore Facebook paid the discoverers of its webcam vulnerability, cash $2500.
Of course, it is better for companies to pay the researchers for finding vulnerabilities rather than facing the harms caused by those undiscovered issues.
Fred Wolens, a spokesman for Facebook, stated that like other companies, Facebook encourage the outsiders to hack its products and pay to the people who do so. $2500 given to Indian computer-security researchers for discovering and reporting webcam vulnerability, will work as mode or encouragement for others to play their role in making the company’s products to be free from any kind of bugs or security vulnerabilities. The spokesman further said that when Facebook fixed its webcam vulnerability, it was found that no user got affected from this.
For those out of you who don’t know about this webcam vulnerability; this webcam vulnerability would have allowed the hackers to turn on users’ webcams and post the videos on their profile, without their knowledge about it. The XY Security also stated about this webcam vulnerability in Facebook. According to XY Security, the Facebook’s webcam vulnerability that they discovered, was related to how Facebook verified requests to record and post webcam video.
Facebook was not in knowledge about this webcam vulnerability and it was the XY Security which made them aware from it. Of course, this could result big problems for Facebook in near future.
The bounty programs of technology companies have been working great for them, ever since their introduction. Facebook, Mozilla and Google have paid a combined total of more than $2 million through their bounty programs. You might already know that search giant Google invited all outsiders to find vulnerability in its esteemed web browser, the Google Chrome. The person who did the task was paid high amount by Google. Till date, Google has paid more than $60,000 for information about Chrome’s vulnerabilities.
As this bounty program has helped Facebook to fix its webcam vulnerability before it could cause any of its user, the company is expected to extend its bounty program even more in anytime soon. It is expected to encourage more and more outsiders to hack its products so to reduce the security vulnerabilities to minimum.