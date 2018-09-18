FACEBOOK IS DETERMINED to clean up its act when it comes to third-party apps, as evidenced by its ramping up of rewards for bugs in found aforementioned applications.

While some Facebook users might be cautious about allowing third-party apps to have access to their Facebook profile given the furore caused by the Cambridge Analytica data scandal, Mark Zuckerberg's folks want to ensure those apps are safer to use and come purged of digital nasties.

As such, valid bug reports will be rewarded with at least $500, with that amount hiking up in line the severity of the reported bug, providing it's legit.

"We want researchers to have a clear channel to report these important issues, and we want to do our part to protect people's information, even if the source of a bug is not in our direct control," explained Dan Gurfinkel, Facebook's security engineering manager, clearly onboard with the new 'we love privacy' social network.

A big focus of the bug bounty is on the misuse of token access, the background process that lets you log in to other apps and services using your Facebook profile. Bugs and malicious code lurking in third-party apps and services can exploit such tokens and spill users' Facebook data, so the social network wants bug hunters to root out such vulnerabilities and code gremlins.

Apps that do end up leaking access tokens will get a helping hand from Facebook to fix any borkage, though we suspect that if they are doing it with malicious intent, the social network will purge them from its platform.

"Apps that do not comply with our request promptly will be suspended from our platform until the issue has been addressed and a security review has been conducted. We will also automatically revoke access tokens that could have been compromised to prevent potential misuse, and alert those we believe to be affected, as appropriate," Gurfinkel highlighted.

It all very well that Facebook is seemingly getting better at policing third-party apps, but it also needs to be savvy that it can also make mistakes, as demonstrated by the accidental publishing of some 14 million private posts. µ