Facebook Paid $10,000 To A 10-Year-Old For Hacking Instagram

An anonymous reader writes: Facebook has paid $10,000 to a 10-year-old hacker who discovered how one could hack into Instagram and delete comments made by users. Speaking to local publication Iltalehti, Jani said: "I would have been able to eliminate anyone, even Justin Bieber." The Finnish hacker just became the youngest person to receive cash from Facebook for hacking its products. The previous record was set by a 13-year-old back in 2013. What's funny is Jani isn't technically old enough to sign-up and use Facebook or Instagram, as it's supposed to be restricted to those under the age of 13. Jani found he could alter code on Instagram's servers and force-delete users' posts. This was confirmed by Facebook using a test account and patched in February, Facebook told Forbes. Facebook has received more than 2,400 valid submissions and awarded upwards of $4.3 million to over 800 researchers since the bounty program launched in 2011.

2400 security issues in 5 years

[El_Muerte_TDS]

That's more than 1 a day. Maybe Facebook should improve their software development.
And with 1 security issue a day do you really want to put your "private" info on that system.

UKism?

[LMariachi]

> it's supposed to be restricted to those under the age of 13

Is this an Anglicanism I don't know about? In U.S. English, "restricted to" means "only allowed for," e.g. "R-rated movies are restricted to viewers over 17." Viewers under 17 are restricted from viewing them.

That's the reason for these programs in the first

[waspleg]

place - that they don't have to hire anyone. It's another form of temp worker program. They don't owe benefits don't owe pension or 401k matching nor do they even have the possibility of being sued despite the kid being too young to work basically anywhere.

How much would they have paid a professional security firm or on staff IT to audit them and get this result?