Twitter has just introduced a “bug bounty program” that will pay volunteer security researchers a minimum of $US140 for reporting any vulnerability or bug.
The program, called HackerOne, was established for independent security researchers “to recognise their efforts and the important role they play in keeping Twitter safe for everyone.” When researchers report an issue, Twitter will hand over some cash to thank them for their time.
While the minimum reward is $US140, Twitter says that there is no maximum reward — the amount will depend on the severity of the bug reported.
There are a few qualifications to meet before you can eligible for the reward, however.
For instance, you have to be the first to report the bug, and you can’t publicly disclose the bug before Twitter fixes it. You also can’t live in Cuba, Sudan, North Korea, Iran, or Syria, where the national law prohibits Twitter from paying hackers.
According to the HackerOne website, 44 hackers have already been thanked and 46 bugs have been closed. In addition to the cash reward, the hackers are also featured in a hall of fame.
Facebook has offered a similar program since 2011, with a minimum reward of $US500. Microsoft and Google have similar programs, too. So if you’re choosing between these platforms to carry out some independent research, Facebook or Microsoft might be willing to pay you more for your efforts.