The bug bounty system is a proven method for maintaining a high level of digital security for your site or service, with the likes of Mega, Facebook, and Google all using it to encourage hackers to don white rather than grey or black hats. Therefore it’s no real surprise that a company like PornHub is also getting in on the action, offering $25,000 to those who discover flaws in its site.
That’s not quite the $100,000 Google allocated for Chromebook bugs at one point, but it’s not a bad start for anyone who already finds themselves clicking around Pornhub on a regular basis. Simple flaws will net a $50 finders fee, while those who discover nasty bugs could net the full $25,000.
There is a bit of small print to all this of course. You will need to be the first person to spot the bug — if someone else beat you to it but Pornhub just hasn’t fixed it yet, you’re out of luck. However, Pornhub does pledge to respond to all bug reports within 30 days and to implement a fix within 90.
As TechWeekEurope points out though, Pornhub doesn’t want this to become a game of “try and break the site.” It will not be doling out any money to those who try and hit the site with a denial of service attack, or physically attack the offices of the company.
After all, you’re not much of a bug hunter if you create the bug yourself.
Neither are Pornhub employees fair game, so Pornhub will not be offering bounties for anyone that uses employee information or social engineering to gain access to parts of the website they might not otherwise be allowed to see.
But other than that, Pornhub wants its users to go to town. It wants any and all vulnerabilities discovered so they can’t be exploited by nefarious individuals. Porn sites have routinely been targeted by hackers because affected users are less likely to report a problem through fear of being outed as a user.
For the sake of the confidential browsing history of many a computer user, here’s hoping Pornhub’s bounty system is effective.
- Intel opens bug hunt to all security researchers, offers possible $250K payout
- Microsoft will pay you up to $250,000 to find Spectre-like flaws
- Facebook will offer you $40,000 to find the next Cambridge Analytica
- Want to hide your Pornhub browsing? Use digital currency to make payments
- Microsoft misses another Edge-related 90-day security disclosure deadline