Engineer nets Facebook's biggest bug bounty, but not the jackpot he hoped for
Jeremy Kirk |
Jan. 23, 2014
Last November Reginaldo Silva, a computer engineer in Brazil, found one of the worst kinds of vulnerabilities in Facebook's software. It has netted him the biggest bug bounty the social network has ever paid out, but while he's not complaining, it wasn't quite the windfall he hoped for.
Silva wrote there are many servers on the Internet that are still vulnerable, which is why he didn't publish proof-of-concept code that would show how the flaw could be abused.
Google awarded him $500 for pointing out the issue, Silva wrote. He posted the technical details in his write-up.