you judge as harsh with every other person working as freelancer in infosec?
-
-
being an infosec freelancer is radically different than expecting payouts for spontaneously reported bugs
2 replies 2 retweets 2 likes -
no it is not. Bug bounty programs inviting audits are like freelance work without formal contracts.
1 reply 0 retweets 1 like -
In proper freelance work lack of results is paid, also what Dan said is spot on. Let us agree to strongly disagree
1 reply 0 retweets 0 likes -
yes "proper" freelancers get paid for sitting around. Bug bounty submitters that you look down on are not
1 reply 0 retweets 1 like -
time invested investigating attacks that lead no results is far from "sitting around", you're the one looking down
1 reply 0 retweets 0 likes -
consultants get paid even when sitting in meetings and falling asleep
2 replies 0 retweets 1 like -
oh well that wins the argument then...sigh
1 reply 0 retweets 0 likes -
it is a simple fact. Bug bounty submissions get paid by bug. Freelancers by time (no matter what they do)
2 replies 0 retweets 0 likes -
OTOH hired teams can't withold their report until they get paid more
3 replies 0 retweets 0 likes
I'm not arguing against the utility of bug bounties, just the sense of entitlement that seems to come with
-
-
maybe u should spend your time not defending billion $ crprations w r using bounties for PRpoints
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.