Facebook has announced a program within which it offers to find bugs and vulnerabilities in the source code of Oculus Rift virtual reality headset, SDK and the website of the company. Within this framework each single researcher or a group of professionals who will report a new bug, will be financially rewarded.
Minimum award is $500 and the maximum one is not defined. The largest social networking site, Facebook, paid about $1.5 billion in similar programs aimed at searching for vulnerabilities last year. At the moment, according to the engineer on security issues at Facebook, Neal Poole, most of the errors relate to the message system from Oculus to developers and web site – it is not much different from finding errors in the social network.
However, given the fact that Oculus VR is still the developer of the equipment, the security team of Facebook may soon start getting error messages of a new type. It is possible that in the future hackers will crack virtual reality headsets and Oculus is interested in preventing it.
Various programs on finding errors for monetary compensation as a reward are becoming more and more popular among technology companies – they make it possible to effectively attract a lot of experts to test the code and identify vulnerabilities. For example, Google has such a program to improve the open browser, Chromium.