At the 2011 DefCon hacker conference, a team from Facebook made their and delivered an unusual message: Please hack us. We’ll pay you for it.

Facebook’s Chief Security Officer Joe Sullivan, was at the event promoting the company’s new “bug bounty program,” which pays researchers to report security flaws in the social-networking site of more than 750 million active users.

Facebook will pay a minimum of $500 for valuable information as long as the hacker agrees to not disclose the flaw until the issue has been patched. Facebook has already paid out one bounty of more than $3,000, Sullivan said.

“It mobilizes a lot of great security experts all over the world who are passionate about security,” “Hackers like to hack. We’re basically saying, ‘We want you to hack our site and we want you find things and we’re happy to pay you.’”

To get paid, hackers must be the first to report the security flaw and must reside in a country not under U.S. sanctions.

How does a unknown dating site launch with 250,000 member profiles on the first day? Simple. You scrape data from Facebook.

At lease this was the approach taken by a new site called Lovely-Faces.com this week. Profiles with names, locations and photos were “scraped” from publicly accessible Facebook pages. The site then categorized the unwitting volunteers into various personality types by using a facial recognition algorithm. This then allows you to search for someone in your general area who is “easy going,” “smug” or “sly.” Or you have the option to just search on persons real names.

Paolo Cirio, a media artist, and Alessandro Ludovico, media critic and editor in chief of Neural magazine, created the website and claim that it’s art, not commerce.

“Facebook, an endlessly cool place for so many people, becomes at the same time a goldmine for identity theft and dating — unfortunately, without the user’s control. But that’s the very nature of Facebook and social media in general. If we start to play with the concepts of identity theft and dating, we should be able to unveil how fragile a virtual identity given to a proprietary platform can be.”

And, the duo speculate, if people pull hard enough on that bothersome thread, Facebook’s $50 billion valuation will unravel. Facebook, as you might expect, is not amused.

“Scraping people’s information violates our terms,” said Barry Schnitt, Facebook’s director of policy communications. “We have taken, and will continue to take, aggressive legal action against organizations that violate these terms. We’re investigating this site and will take appropriate action.”

Facebook’s terms of service require those who want to collect data from its pages to apply for permission, which Cirio and Ludovic did not do when they pulled down publicly available profile information on a million Facebook users.

Cirio and Ludovic say they will take down a user’s profile, if a person asks and the site doesn’t have any indication they are actually trying to make any money. Instead, it’s part of a series of prank sites, the first two of which aimed at Google and Amazon, intended to make people think more about data in the age of internet giants.

Facing a lot of criticism for not offering a secured browsing option, the site has recently added a new feature to browse the social network on a secure connection (https).

However, https:// browsing is not turned on by default and must be manually activated from your “Account Settings” page.

Here is the explanation given by Alex Rice:

If you’ve ever done your shopping or banking online, you may have noticed a small “lock” icon appear in your address bar, or that the address bar has turned green. This indicates that your browser is using a secure connection (”HTTPS”) to communicate with the website and ensure that the information you send remains private. Facebook currently uses HTTPS whenever your password is sent to us, but today we’re expanding its usage in order to help keep your data even more secure.

Starting today we’ll provide you with the ability to experience Facebook entirely over HTTPS. You should consider enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries or schools

Facebook mentions that the new feature may slow down browsing on the site because encrypted sessions typically take longer to load. In addition, some Facebook features, including many third-party applications, are not currently supported in HTTPS, which will cause problems.

The company says it hopes to offer HTTPS as a default setting “sometime in the future.”