Data from @Hacker0x01 and @facebook proves that bug bounties only benefit a small elite group. Is this model meeting researchers' interests? Read our review of "New Solutions for Cybersecurity" by @mitpress.https://blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/ …
“... researchers studied data from 61 HackerOne bounty programs over 23 months and one Facebook program over 45 months. The HackerOne data set includes bounty programs from Twitter, Square, Slack, Coinbase, Flash, and others...” looks pretty representative to me
-
-
Not exactly sure what's causing the differences in data, but HackerOne's 2018 Hacker Report shows the ratio of bug bounty earnings to median wage for a software engineer for a number of regions, which shows a wildly different conclusion: https://www.hackerone.com/sites/default/files/2018-01/2018_Hacker_Report.pdf …pic.twitter.com/o5SP34bxcA
-
This independent, academic work directly addresses the unqualified marketing website that you’re citing.
End of conversation
New conversation -
-
-
This Tweet is unavailable.
- 9 more replies
-
-
-
You are missing two important things on this: They are looking at public programs specially like Twitter, Slack where there are not many hackers looking into these program and even then public programs are going to get a lot of noise with sometimes there being a critical bug.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.