 |
| Meta encourages researchers to check out some of its hardware products |
Meta Corporation has announced that it has updated the bug bounty program for Reality Labs products from Metaverse Technology.
Facebook's parent company has announced that it will include Quest 2, Quest, Portal TV, Portal+, Portal Go, Portal Mini, Portal and Ray-Ban Stories.
According to a press release, this work played an important role in building the Metaverse. The press release confirms that verified requests from Ray-Ban Stories are eligible for the award.
The company hopes the awards will inspire more researchers to analyze glasses and other devices. The minimum error allowance is $500 and the amount increases depending on the equipment and the potential impact of the detected defect.
The highest return listed is $30,000 which will be used to proceed beyond the safe start. But even in cases where the company makes its own decisions, it can increase due to errors that can lead to health, safety or data protection risks.
Meta provides a list of errors and a standard payment method. "Because of issues caused by potentially harmful third-party apps, a problem with malicious third-party apps that pump content and then consume it by one of our apps can be rewarded with around $1,000," she said.
Third-party apps that have unwanted microphone access from the Quest device earn $5,000 in revenue for unauthorized access to the microphone by the third-party app.
META expands bug bounty program to hardware products
Third-party apps that may disable or disable Quest's protection will receive a $3,000 DoS compensation.
The researchers also received $16,000 for discovering remote code execution by bypassing the Quest voice chat library buffer and delegating the execution to a privileged app.
The company first launched its bug bounty program in 2011. The company said it played an important role in finding and fixing vulnerabilities, paying nearly $2 million in rewards to security researchers in the past year alone. Security technology. Dan Gurfinkel.
Full payment list and instructions are available. These instructions describe how the company will assess the impact of hardware failure reports from Reality Labs and determine the amount of reward. These guidelines focus on specific devices and explain how payments can identify certain categories of vulnerabilities.