Mozilla announces first payments of Security Bug Bounty Program

Wow, has it been a month already since Mozilla first made the announcement regarding the new “bug bounty reward program”? Well, it is a month later and there have been payments made. Not only does it help out those who perhaps needed the money. But it also works to keep this great browsing technology as secure as possible.

The Mozilla project announced the first payments awarded as part of its Security Bug Bounty Program to Marcel Boesch, Gael Delalleau, Georgi Guninski, and Mats Palmgren, the first researchers and security experts to find and report qualifying vulnerabilities. After learning about the Security Bug Bounty Program, Mr. Delalleau, a security expert for Zencom Secure Solutions, inspected the Mozilla source code for security vulnerabilities, eventually finding a potential problem in Mozilla’s email component. Commented Mr. Delalleau: “I found that the overall quality of the code is quite good. I audited other parts of Mozilla’s tree without finding anything, before focusing on the POP3 code.” For each critical security issue identified, the Mozilla Foundation paid out a $500 bounty. One of the award winners, Mr. Palmgren, has generously donated his award back to the Foundation to support future bounty payments.