Are Porn Sites Secure? YouPorn Is Offering Bug Bounty Program With HackerOne

You can now potentially earn up to $25,000 for watching porn and visiting porn sites. The popular site YouPorn is teaming up with HackerOne and offering rewards to viewers who report site vulnerabilities and security issues.

The rewards range in price from $50 to $25,000 varying based on severity. Users who file a report with the new bug bounty program can expect a response within 30 days, and a fix within 90, according to a release from YouPorn.

YouPorn has faced a few security issues in the past five years. Back in 2012 the usernames and passwords of up to 1 million users were posted online after a third party chat service failed to secure user information, according to the Huffington Post. And in 2015 the site, and others, were hit with malvertising, or malicious advertising, according to Fortune.

Despite these incidents, security and privacy are top concerns for YouPorn said the release. “We are, of course, already equipped with an excellent developer and security staff, but vulnerabilities and breaches are ongoing, so it is important to continuously stay as many steps ahead of potential online threats as possible,” said Brad Burns, VP of YouPorn, according to the release.

PornHub has a similar bug bounty program which hackers took advantage of in 2016, earning $20,000 for revealing how they hacked into the site’s database that holds the personal information of users, according to The Independent. While the PornHub hackers opted to take the reward instead of leaking any of the information they took, Ashley Madison and Friend Finder hackers weren’t as nice. Ashley Madison, the site that helps users find affairs, was hacked in 2015 resulting in the personal information of 32 million users ending up online. The Friend Finder hack was even worse, resulting in the personal information of 412 million users being released between the company’s three websites.

The bug bounty program approach is a means of foiling such leaks before they happen, and preventing future hacks and leaks from happening through strengthening sites and fixing any weak points.

The HackerOne page outlines a variety of requirements each report must meet as part of the bug bounty program, for example each report must be submitted lo later than 24 hours after the security issue is discovered, and users are not allowed to release the details of the security flaw, among others.

Currently YouPorn is only rewarding reports filed through the HackerOne site, as opposed to any other support channel.