A complete of 17,011 bugs have been submitted to Fb in 2014, up sixteen % from the earlier yr, and sixty one of these bugs have been categorised as excessive-severity, up forty nine % from 2013.
Fb safety engineer Collin Greene shared these figures in a note on the Facebook Bug Bounty page, including that $1.three million was paid out to 321 researchers from around the globe final yr, with a mean reward of $1,788.
Based on Greene, the Fb Bug Bounty program has distributed a complete of greater than $three million since its institution in 2011.
Greene wrote that rewards have been issued in sixty five nations in 2014, up 12 % from 2013, and reviews got here from 123 nations. The highest 5 nations in 2014 when it comes to legitimate bugs submitted have been:
- India: 196 (common reward of $1,343)
- Egypt: eighty one ($1,220)
- U.S.: sixty one ($2,470)
- U.Okay.: 28 ($2,768)
- Philippines: 27 ($1,093)
He additionally spotlighted three of the most important potential points that have been found and handled final yr:
- Hidden enter parameters: There was a bug the place the again-finish code was receiving a number of values for a similar parameter, inflicting unintended results downstream. This meant that upon submission, we acquired two units of parameters with the identical identify and differing values (e.g., http://ift.tt/1ALph2R). On this case, the conduct in each PHP and HHVM (HipHop Digital Machine) is to make use of the final worth offered — i.e., identify would equal “baz.” After we fastened the occasion from this report, we additionally fastened a number of different spots and made enhancements round
The post Fb Bug Submissions Up sixteen% in 2014 appeared first on DICKLEUNG DESIGN 2014.
沒有留言:
張貼留言