In late April, Chris Poole, also known as moot, founder 4chan, announced that website was violated and data had been leaked. Although belated, to prevent future such events, h company ανακοίνωσε, όχι μόνο επιπλέον μέτρα ασφαλείας, αλλά και ένα program bug bounties.
Poole announced it reward program to those who discover vulnerabilities in by clicking here of the company a few hours ago. The new vulnerability disclosure program is powered by hackerone.
"Ελπίζουμε ότι με την επίσημη παροχή επιβράβευσης σε ερευνητές ασφαλείας, που υποβάλουν σφάλματα που σχετίζονται με την better safety, θα είμαστε σε καλύτερη θέση να ανιχνεύουμε και να αντιμετωπίζουμε τρωτά σημεία που μπορεί να επηρεάσουν την ιστοσελίδα και τους χρήστες της" ανέφερε ο Poole.
"Η ασφάλεια παραμένει μια διαρκής προτεραιότητα και δέσμευση για μας. Ευχαριστώ και πάλι που είσαστε μαζί μας, και συγγνώμη αν σας έχουμε απογοητεύσει."
The websites included in bug bounty are 4chan.org, 4channel.org, 4cdn.org and their subdomains.
The company explains that if vulnerabilities are detected in third-party services (CloudFlare or nginx), they should refer to those companies rather than 4chan. However, the company is willing to publish the names of those who find such defects in its Hall of Fame.
At present, 4chan does not offer any cash rewards. Those who reveal security vulnerabilities will only be recognized at the company's Hall of Fame and will have a 4chan Pass valid for one year. The value of the 4chan Pass does not exceed $ 20.
The reward of the company does not promise the arrival of large security researchers, as they are proposing to deal with the discovery of vulnerabilities by companies paying inexpensively.
The experts in issues security staff who may have questions about 4chan's new bug bounty program can email security at 4chan.org.