ZDNet – Facebook has paid out its largest bug bounty ever of $33,500 to a security researcher who could have potentially taken full control of a server within its network.
Since 2012, Brazilian computer engineer Reginaldo Silva has been toying with vulnerabilities in OpenID, the open technology that allows users to use an account with an existing identity provider to sign in to other compatible services. For example, a user can trust Symantec’s Personal Identity Portal to create an OpenID account, then use that one account to sign in to WordPress.