Engineer paid peanuts for identifying Facebook’s biggest bug

Posted on Jan 24 2014 - 11:07pm by IBC News

Washington, Jan. 24: An engineer who recently discovered a bug in Facebook’s software that could have earned him a million dollars has reportedly received a lower payout.

A computer engineer in Brazil, Reginaldo Silva, had found one of the worst kinds of vulnerabilities in Facebook’s software last November and hoped to strike the jackpot.

However, Silva was paid 33,500 dollars for the discovery, despite a statement made in July 2012 by Facebook’s security director, Ryan McGeehan, that if there’s a million-dollar bug, the company would pay it out, PC World reports.

According to the report, Silva found a bug that could be executed from a remote computer. It was related to code used for OpenID, an authentication system that lets people use the same login credentials for multiple online services.

The bug could have allowed a hacker to read almost any file and open arbitrary network connections on a Facebook server.

Meanwhile, Facebook didn’t reveal in its own blog post how much it paid Silva for finding the bug, but on insistence disclosed what it called the ‘biggest bug bounty payout ever’.

The report said that the bug Silva discovered wasn’t unique to Facebook, as he had found it on other web services including Google, which paid him 500 dollars for finding it.

Facebook pays a minimum of 500 dollars for a vulnerability discovered in its service and evaluates each reported bug on its severity and creativity, the report added.
