Secret, Inc., the company that’s behind Secret, the iOS application that allows users to anonymously share their thoughts, has launched a bug bounty program.
Security researchers can submit any issues they believe can negatively impact users, or vulnerabilities that threaten customers’ anonymity. The company promises to respond to reports in less than 15 hours.
However, hackers are advised not to access or modify data that does not belong to them, refrain from making information on the security holes public before they’re patched, and avoid privacy violations, service interruptions or destruction of data.
The company promises gifts (e.g. stuffed foxes) to those who responsibly disclose vulnerabilities.
The bug bounty program has been launched shortly after a coder announced finding a vulnerability that allegedly allowed hackers to tie secret posts to users’ email addresses. However, Secret has clarified that the claims are inaccurate.
Check out additional details on the Secret bug bounty program.