Monday, July 19, 2010

Mozilla offers $3,000 for bug reports

Starting the 1st of this month, the Mozilla Foundation will reward users who discover and report security vulnerabilities in its software with $3,000 for each vulnerability. Until now the reward, distributed under the Mozilla Security Bug Bounty Program which launched in 2004, has been limited to just $500. Bug finders can now also look forward to receiving a free T-shirt as part of the scheme. Eligible security vulnerabilities must be remotely exploitable (over the web or a local network) and not previously have been publicly documented.

The campaign is limited to the latest version of Firefox, Thunderbird, Firefox Mobile and any other Mozilla service which could allow a hostile takeover of any of these applications. Bugs in third party software such as browser add-ons (also known as extensions) and plug-ins are not eligible.

More info from and

No comments: