Facebook has announced that security researchers will be offered rewards for finding flaws within the Oculus Rift headset, software development kit (SDK), and website as part of the company’s bug bounty program.
Facebook’s bug bounty program encourages individual security researchers to report security problems in the Oculus website and developer messaging system by paying them a minimum reward of $500.
The actual reward amount however will depend upon the circumstances and the potential impact of the vulnerability. Last year alone, the social networking giant parted with some $1.5 million in bug bounties including one $20,000 reward that it paid for an account login flaw on Facebook.
Facebook’s main aim behind announcing the bug bounty program is to find out the bugs before the launch of CV1 (Consumer Version 1) of the Oculus Rift, as it is the company’s first hardware product.
The social network’s security team is looking out to squish each and every flaw that could probably result in hack into the software in future. This is the reason why the company is pumping huge funds into getting bugs destroyed before the Rift goes live.
Detailing the bug bounty program, Facebook security engineer Neal Poole said a lot of the issues that come up with Oculus are not necessarily in the hardware yet. People exploring and find issues in the SDK or the hardware in the future will definitely be of great interest for the company, Poole added.
Facebook acquired Oculus VR for a whopping $2 billion (£1.17 billion) in March.
[Source: The Verge]
