Secret Launches Bug Bounty Program For Hackers Who Find Vulnerabilities In Its App

Next Story

Aerohive Networks Files For $75 Million IPO

Secret, which has fast become everyone’s favorite way to share “anonymish” thoughts with friends and strangers alike, has launched a new program that is designed to find — and squash — bugs in its mobile app before being exposed to the general public.

The launch of the program comes less than a day-and-a-half after a photo began making the rounds on Secret and on Twitter, which appeared to link a user’s email address to posts that they had shared through the app. The Secret team not only squashed the bug almost immediately, but also announced plans to launch the bug bounty for hackers playing around with the app.

And, well, here it is.

Saying that it is “committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities,” the team is asking for researchers to participate in the process of identifying those vulnerabilities and working with it to close them.

In doing so, Secret is asking for hackers to “make a good faith effort” to not violate user privacy, destroy data, or degrade its service. That includes not accessing or violating any data that does not belong to the user, or sharing it with the public before it’s resolved.

The launch comes after hacks and attacks on other apps which promise anonymity or ephemerality that expose user information. In late December, a hack of Snapchat exposed information connected to 4.6 million of its users. It took more than a week for Snapchat to apologize for that incident and release further security features in an effort to ensure a similar incident doesn’t occur again.

For Secret, the whole idea behind the program is to take a proactive approach to finding and eliminating any potential issues in the app that could expose users’ identity or link secrets to them. That protection is necessary in an app in which users can share what could be sensitive information anonymously with each other.

For now, Secret says it’s hoping to “work with great people and learn from others” while closing any bugs and promises gifts to those who participate.