Data from @Hacker0x01 and @facebook proves that bug bounties only benefit a small elite group. Is this model meeting researchers' interests? Read our review of "New Solutions for Cybersecurity" by @mitpress. https://blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/ …
No, there are not many more like him. @thedawgyg was awarded 18 bounties in 2018 (1.5 bugs per month), the _93rd_ percentile of all bounty hunters. This is consistent with the report: only the elite earn the lion’s share of bounties.
This couldn't be more wrong. You see 18 bounties from public programs. I cleared over 500k in bounties on @Hacker0x01 platform alone in 2018, with another 150k coming from @Bugcrowd and @SynackRedTeam. You can't always see most of the reports many of us report due to private invs
If you look at the stats, I finished in 6th place overall on @Hacker0x01 for the 2018 calendar year. There are many people that make a lot more than the 30k stated, most of our money comes from private programs pic.twitter.com/LeT43lXcXV
Both are true. The top hackers produce and earn much more than the rest. And there are many top hackers. (My guess is that you are looking at a narrow sample. dawgyg had many more valid vulns than that in 2018 on HackerOne alone.)
What needs to be taken into account is all the private programs. A lot of people don't even like submitting bugs unless it's a private program and obviously that isn't reflected here