HackerOne, a project by Microsoft and Facebook that seeks to reward those who will identify bugs present in key technologies that power the Internet has been setup. HackerOne will reward hackers or anyone who will identify and report vulnerabilities on Sandbox Escape, The Internet (key technologies e.g. DNS), Open SSL, Python, Ruby, PHP, Perl, and many others at a minimum rate of $300 per report. Depending on the nature of the identified bug, HackerOne can reward up to $5,000 dollars. Each program available for hacking has specific minimum reward bounty.
The bounties don’t seem much compared to what other hackers are paid by the tech giants. Google for instance paid $40,000 dollars to a hacker by the name of Pinkie Pie for identifying serious vulnerabilities on Chrome. Previously the same hacker had been paid a total of $120,000 for identifying flaws with Chrome on two occasions. Each report (actually from contests promoted by Google) gave him $60,000. Just last month Microsoft had announced that it will be paying a British hacker $100,000 for identifying security issues on on Windows 8.1 security protection protocols. Facebook on the other hand ignored a security bug report that led to the hacker to post details about Mark Zuckergerg on his Facebook Timeline.
HackerOne promotes the project in these words, “We’ve selected some of the most important software that supports the internet stack, and we want you to hack it. If the public is demonstrably safer as a result of your contribution to internet security, we’d like to be the first to recognize your work and say “thanks” by sending some cash to you or your favorite non-profit”.
Every report will be required to follow a set of rules and after the ruling of a panel of experts drawn from Microsoft, Facebook and Google, the reporters and hackers will be rewarded accordingly.
Appetizing rewards up there, why am I not a hacker?