Who's keeping your data safe? With bug bounties, it's would-be hackers

When hackers find a security exploit in Facebook, they receive a “White Hat” debit card loaded with reward money. Vignesh Kumar/Flickr
Companies need all the help they can get to stay one step ahead of the next big security vulnerability, and sometimes that means relying on outside forces.

Bug bounties elicit security help and advice from independent hackers and security researchers, usually in exchange for a cash reward. The hacker scours the site and discloses the vulnerability to the company, it gets patched, and the hacker pockets some money. Bug bounty programs have been around for a long time. But in recent years, they’ve become much more common.

Facebook has paid out millions in rewards to bug hunters over the years. Earlier this year, Anand Prakash, a security engineer from India, discovered and disclosed a major bug that would have allowed him to potentially access any account. He found that it was possible to make an infinite number of PIN attempts upon resetting an account if you’re using beta.facebook.com, the developer site for new features not yet rolled out to the masses.

“In-house testing does not compare with using the crowd, via bug bounties, in terms of effectiveness.”

“I was able to view messages, his credit/debit cards stored under payment section, personal photos and more,” he said. The discovery (which was promptly fixed) netted him $15,000, and there’s no evidence that the vulnerability was ever used by malicious attackers.
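
A reset-code check whose attempt limit follows the account rather than the front end that received the request, which is the control that was missing in the bug described above. This is an added example, not Facebook's code; the class name, the five-attempt limit, the ten-minute expiry and the host labels are assumptions.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5        # assumed policy value
CODE_TTL_SECONDS = 600  # assumed policy value


class ResetCodeVerifier:
    """Reset codes and failed-attempt counts, kept per account in one store."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # account_id -> [code, expires_at, failed_attempts]

    def issue(self, account_id):
        # A new code resets the counter, so a real service rate-limits issue() too.
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[account_id] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code  # delivered out of band (SMS or e-mail) in practice

    def verify(self, account_id, guess, host="www"):
        # `host` is ignored on purpose: the limit follows the account, so a
        # secondary front end cannot offer unlimited guesses.
        entry = self._pending.get(account_id)
        if entry is None:
            return "no_pending_code"
        code, expires_at, failed = entry
        if self._clock() >= expires_at:
            del self._pending[account_id]
            return "expired"
        if failed >= MAX_ATTEMPTS:
            return "locked"  # even the correct code is refused now
        if hmac.compare_digest(code.encode(), str(guess).encode()):
            del self._pending[account_id]
            return "ok"
        entry[2] = failed + 1
        return "locked" if entry[2] >= MAX_ATTEMPTS else "wrong"


def demo():
    """Constructed run: five wrong guesses across two hosts, then the real code."""
    verifier = ResetCodeVerifier()
    code = verifier.issue("alice")
    wrong = "000000" if code != "000000" else "111111"
    hosts = ("www", "beta", "beta", "www", "beta")
    results = [verifier.verify("alice", wrong, host=h) for h in hosts]
    results.append(verifier.verify("alice", code, host="beta"))
    return results
```

With a six-digit code and five attempts, a guesser's chance of success per issued code is at most 5 in 1,000,000; without the counter, every code is eventually guessable.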

The bug itself is quite simple, but had severe implications, and somehow went undetected by Facebook’s own teams. After all, security pros are still only human, and a second opinion can make a huge difference. Which is why we’ve seen a bloom in bug bounty programs from major players like Facebook, as well as platforms to connect hackers with companies, like HackerOne and Bugcrowd.
