The bug bounty system is a proven method for maintaining a high level of digital security for your site or service, with the likes of Mega, Facebook, and Google all using it to encourage hackers to don white rather than grey or black hats. Therefore it’s no real surprise that a company like PornHub is also getting in on the action, offering $25,000 to those who discover flaws in its site.
That’s not quite the $100,000 Google allocated for Chromebook bugs at one point, but it’s not a bad start for anyone who already finds themselves clicking around Pornhub on a regular basis. Simple flaws will net a $50 finders fee, while those who discover nasty bugs could net the full $25,000.
There is a bit of small print to all this of course. You will need to be the first person to spot the bug — if someone else beat you to it but Pornhub just hasn’t fixed it yet, you’re out of luck. However, Pornhub does pledge to respond to all bug reports within 30 days and to implement a fix within 90.
As TechWeekEurope points out though, Pornhub doesn’t want this to become a game of “try and break the site.” It will not be doling out any money to those who try and hit the site with a denial of service attack, or physically attack the offices of the company.
After all, you’re not much of a bug hunter if you create the bug yourself.
Neither are Pornhub employees fair game, so Pornhub will not be offering bounties for anyone that uses employee information or social engineering to gain access to parts of the website they might not otherwise be allowed to see.
But other than that, Pornhub wants its users to go to town. It wants any and all vulnerabilities discovered so they can’t be exploited by nefarious individuals. Porn sites have routinely been targeted by hackers because affected users are less likely to report a problem through fear of being outed as a user.
For the sake of the confidential browsing history of many a computer user, here’s hoping Pornhub’s bounty system is effective.
- EU to offer bug bounties for finding security flaws in open-source software
- Sennheiser’s flawed headphone software is a Trojan horse hackers could exploit
- Google to expand New York City presence with $1 billion campus
- ‘Fallout 76’ users’ personal info accidentally leaked by Bethesda
- With 20,000 sites swallowed up, a botnet is eating WordPress alive