Facebook Bug Bounty Program: A Desperate Attempt To Win Back Users’ Trust?

Must Read

Companies and business are observed confiding to users perceptions before taking a decision on an important issue or planning on their next move. The end user of a product or service is most likely to know both the good and bad implications of it. But a few years back brands started hiring professionals in a bid to identify loopholes in the solution/apps that may prove fatal for companies as well as their customers or users. Despite all checks and balances, it’s always difficult to tag a solution/platform with ‘an absolute secure’. The always evolving need of a business keep offerings vulnerable to a certain extent.

Facebook Inc. (NASDAQ:FB) has been known to police itself since its inception, but in the wake of ongoing data breach scandal, the social media giant has decided to cut user some slack. Facebook launched a program yesterday that is called Data Abuse bounty. The purpose is pretty obvious; it will reward the users who report any data breach or misuse of data by app developers.

Facebook Bug Bounty Program Targets Malicious Apps

If someone has an evidence or first-hand knowledge about any app that is violating Facebook’s terms of services by collecting and transferring users’ data to another party to be sold, stolen, or used for political influence or scams, they can notify Facebook through this program. If the data abuse report is confirmed, Facebook will “shut down the offending app and take legal action against the company selling or buying the data, if necessary“. Facebook has not said anything about a maximum reward for a successful trip, but this program is inspired by the existing bug bounty program, and people who brought “high impact bud reports” to attention have been rewarded with up to $40,000. Facebook says it will review all the legitimate reports and respond the users about the credible threat to their data as quickly as possible. The payout will be based on the impact of each report and also the people Facebook believes to be affected will be alerted subsequently.

Advertisements

This move resonates with Facebook’s previous steps like disabling the search tool so that ‘malicious actors’ don’t misuse people’s data. Also recently, Facebook announced that it is coming up with an unsend feature in messenger after Zuckerberg’s messages were secretly retracted from users’ inboxes; one can’t be fairly certain how this will better the scenario, for both users and Facebook. Considering the recent backlash, the social network turning to its users and incentivizing them seems only logical at this point. Obviously, this won’t suffice the users whose data was compromised in Cambridge Analytica files; what price can one put on his personal data, right? But, this step is likely to obstruct any data abuse through suspicious apps in future.

Despite Facebook’s indiscretions and current ambivalence of users, the social network has managed to roll out reasonable changes in its privacy terms and data use policy. It has restricted apps for accessing information by limiting Facebook login data, besides making changes in policies regarding political ads. A new initiative has been announced to assess the role of Facebook in elections.

Companies making use of bounty programs is not new. Software security researchers are increasingly engaging with bounty programs to hunt down vulnerabilities. Bugcrowd and HackerOne, both launched in 2012, have become popular in the growing bug bounty market. They have a bug-hunting community of white hat hackers.

SecurityTrail, a Security and Intelligence firm, has a data bounty program for finding particularly interesting cases in their 30TB data set. Furthermore, the search engine giant Google paid a hefty $2.9 million in bug bounties in 2017. Some other reputed companies who announced bounty programs in 2018 are:

  • Intel – offering a maximum payout of $30,000 for detecting critical bugs in their hardware, software or firmware
  • Cisco – offering a bounty for some serious vulnerability;
  • Apple – launched its bug bounty program to breach Apple’s Secure Enclave Technology. The Cupertino giant had launched its first ever bug bounty program in September 2016, offered up to $200,000 for successfully finding vulnerabilities in its products.

LEAVE A REPLY

Please enter your comment!
Please enter your name here
Advertisements

Latest News

The Advantages of Java Logging

If you're a fan of Java logging, you already know that there are three main types, Log4j,...

Jio Postpaid Plus Plan Offers Free Netflix And Amazon Prime To Give Airtel and Vi Run For Their Money?

The just launched Jio Postpaid Plus plan is making heads turned. Just when you think Mukesh Ambani led...

TikTok Oracle Deal: China is Not Happy

Beijing is not at all happy with how the TikTok-Oracle deal panned out! In an editorial, Global Times, the...

TikTok Oracle Deal: Confusion, Contradictions and Quest for Control

Another day Another verbal volley. TikTok Oracle deal saga continues. The tug-of-war with the back and forth statements surrounding...

5 Common IT Infrastructure Management Issues You Must Resolve Today!

Your IT infrastructure supports your entire operation, but there are many struggles departments have difficulty identifying and overcoming. One of the biggest...

TikTok Oracle Deal: No Technology Transfer, No Ownership, Rest All Is Fine

The brouhaha around TikTok and the US administration simply refuses to subside. In the ensuing see-saw of developments, ByteDance...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This