As part of the program, Oculus Rift headset owners can report bugs to Facebook for a chance to be financially compensated. The minimum reward is $500, and there is no maximum payout. Every bug is awarded a bounty based on severity and creativity.
Facebook security engineer Neal Poole tells The Verge that the bulk of bugs for Oculus are in its messaging system for developers and the company's website itself. But that could change in the future, when Oculus Rift--Facebook's first hardware product--is released publicly.
"A lot of the issues that come up with Oculus are not necessarily in the hardware yet," Poole says. "Potentially in the future, if people were to go explore and find issues in the SDK or the hardware, that is definitely of interest to us."
Security could be a major issue for Oculus Rift if the technology becomes as ubiquitous as creator Palmer Luckey hopes it will be. He said in a recent interview that his ambition is to have a headset in every home. Oculus Rift is currently available to developers, while a final, consumer model should be out by the end of next year.