This is a very good conecpt. There's no way to stop people from checking the security (or rather the possible lack of security) on such a large website, and by saying that it is OK they'll probably get more help from the ones who find the vulnerabilities.
wow, thats interesting. I think thats a good idea. Why not let them hack it "responsibly" or "ethically", its a bunch of free pen tests. They just have to pray that everyone who finds a vulnerability truthfully reports it.
Nice share, thanks.