Facebook, Ford Foundation & GitHub Donate £229,990 To Open Source Bug Bounty Program

Facebook, the Ford Foundation and GitHub have donated $100,000 (£76,663) each to the Internet Bug Bounty (IBB), a not-for-profit bug bounty program for core Internet infrastructure and open source software.

The money will be used to reward hackers who are deemed to have made the Internet more secure, allowing the IBB to expand the scope and impact of its bug bounty program.

Expanding vision

Alex Rice, HackerOne CTO and founder, who serves on the IBB’s panel, said: “The generous donations from Facebook, Ford Foundation and GitHub lay the foundation for the IBB to expand its vision of making the internet more secure.

“When we have the means to reward altruistic hackers for uncovering critical vulnerabilities in public domains, we are making the internet a safer place for everyone.”

The IBB aims to reward security research that identifies vulnerabilities in Internet infrastructure and free open source projects.

Since its inception less than four years ago, it has awarded more than $616,000 (£472,248) to hackers who have helped uncover more than 625 security vulnerabilities in technologies that support the Internet and widely adopted open source projects. More than $150,000 (£114,995) was awarded to hackers in the past year alone for more than 250 vulnerabilities. Of the total bounties awarded to hackers, more than $45,000 (£34,499)has been donated to charities and nonprofit organisations by these individuals.

Michael Brennan, Ford Foundation’s technology program officer on the Internet Freedom team, said: “At Ford Foundation we believe that a secure, free and open internet is critical in the fight against inequality.

“The open source infrastructure of the internet is part of a public commons that we are committed to help maintain and draw attention to. A necessary part of this maintenance is recognising and rewarding those who uncover critical vulnerabilities in freely available code that we all rely upon.”

Alex Stamos, chief security officer at Facebook, said: “Facebook has supported the IBB since its inception and we are proud to renew our commitment. The internet can bring very positive forces into people’s lives and we must work together to make these vital technologies safer.”

Shawn Davenport, VP of security at GitHub, added: “Open source software underpins the backbone of the internet and society’s most critical digital infrastructure. We believe deeply in the importance of this initiative, and we’re excited to sponsor the Internet Bug Bounty and support the people who work tirelessly every day to ensure the internet is as safe and secure as it can possibly be.”

The latest rounds of sponsorship will enable the IBB to expand the existing scope to introduce a new Data Processing Program, which aims to encompass numerous widespread data parsing libraries, as these have been an increasing avenue for exploitation.

The IBB also intends to expand the scope to cover technologies that serve as the technical foundation of a free and open internet, such as OpenSSL.

Are you a web browser know-it-all? Take our quiz!