Twitter wants you to help it find bugs so it can’t get caught with its pants down

Amidst a brewing storm of leaked nude photographs, Twitter is yelling into the dark, to the outer fringes of tech society, inviting all hackers to hack it. Well, the call is not restricted to hackers; it is open to just about anybody. It’s casting its net wide.

Myolisi Sikupela: Staff Reporter
Myolisi Sikupela reads and writes about technology. He is the video, photo and podcast guy here at Memeburn.

The bug bounty programme, introduced today by Twitter, encourages security researchers to report bugs they find on Twitter and get a reward for it. This comes on the heels of the news of a hacker who leaked more than 100 nude photographs of some of Hollywood’s most famous female stars due to a vulnerability in Apple’s security systems. It is also worth noting that Apple does not have a bug bounty programme of its own. Some experts have said the Apple leak is due to the fact that it allows too many wrong attempts at a password.

Essentially, unlike Apple, Twitter is trying to avoid being caught with its pants down.

Twitter will pay a minimum of US$140 for each bug found, but only if you are the first to report it. The bug also has to be confined to Twitter’s desktop and mobile website, iOS and Android apps, including Tweetdeck on the web. Anything that falls outside that scope is not rewarded, so there’s no point snooping around anywhere else, really.

Reporting bugs has, however, always been at the core of the hacking game. The unwritten formula is to hack into an establishment, proving that company’s incompetence, and get them to sort it out, quietly. More often than not, this fails and forces good hackers to go underground and go bad. We know this all too well, with Frederick “Warlock” Kaludis, from Die Hard 4.0.

Though the programme was only officially introduced today, data obtained from early tests reveals that Twitter has paid 44 people and closed 46 bugs, in a period that spans three months.

The programme also comes with strict rules, one of which is that you may not publicly disclose the vulnerability before Twitter has resolved it. Though this is to counter good hackers that go underground and go bad, it will be interesting to see what happens when Twitter fails to act swiftly. Will good hackers be patient or will they revolt against Twitter?