/>
X

Mozilla expands bug bounty to web apps

Mozilla has plans to expand its popular bug bounty program to web applications, offering to pay cash rewards to hackers who find serious security flaws in some of its high-profile web properties.
ryan-naraine.jpg
Written by Ryan Naraine on

Mozilla has plans to expand its popular bug bounty program to web applications, offering to pay cash rewards to hackers who find serious security flaws in some of its high-profile web properties.

The new program will see Mozilla paying between $500 and $3000 for "high severity," "extraordinary" or "critical" vulnerabilities in domains and web applications belonging to the open-source group.

The list of Web sites in play include Mozilla's add-on site, the Bugzilla reporting site and several public-facting marketing sites.

Here's the list of domains under scope for the expansion of the program:

  • bugzilla.mozilla.org
  • *.services.mozilla.com
  • getpersonas.com
  • aus*.mozilla.org
  • www.mozilla.com/org
  • www.firefox.com
  • www.getfirefox.com
  • addons.mozilla.org
  • services.addons.mozilla.org
  • versioncheck.addons.mozilla.org
  • pfs.mozilla.org
  • download.mozilla.org

Mozilla director of infrastructure security Chris Lyon said the new policy will go into effect on December 15, 2010.

"We want to encourage the discovery of security issues within our web applications with the goal of keeping our users safe. We also want to reward security researchers for their efforts with the hope of furthering constructive security research, Lyon said.

Mozilla already pays up to $3,000 for security holes in its flagship Firefox and Thunderbird client programs.

Google and Barracuda Networks are also among the latest wave of software companies offering to pay security researchers for the rights to vulnerability information.

ALSO SEE:

Related

Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
How to get Photoshop for free
photoshop free trial

How to get Photoshop for free

Photo & Video
I loved driving the Hyundai Ioniq 5 and Kia EV6, and there's only one reason I can't buy one
img-1724

I loved driving the Hyundai Ioniq 5 and Kia EV6, and there's only one reason I can't buy one

Electric Vehicles