Bug bounty programs are designed to sic security researchers on software and pay them to find vulnerabilities and report back to the sponsor. In return, the researchers are richly rewarded for their findings. In fact, Google's bug bounty paid out a hefty $2.9 million in bug bounties in 2017.
Rewards can range from $500 to $100,000 or more depending on the type of bug and the amount of time spent. There are a number of programs, including the Vulnerability Research Grants Program and Patch Rewards Program. The former paid out a total of $125,000 to 50 researchers around the world in 2017, while the latter paid a total of $50,000 to improve security in open-source software.
The largest award of the year was $112,500, a nice chunk of change, for tracking down a Pixel phone exploit as part of the Android Security Rewards Program. This is serious money, and bug bounty hunters serve a key role in the software security ecosystem, helping to ferret out some of the worst vulnerabilities before hackers can exploit them.
Source: TechCrunch
(Score: 1) by i286NiNJA on Thursday February 08 2018, @07:26PM (2 children)
It's peanuts. As usual tech does its best to keep an ungrateful world running.
(Score: 2) by schad on Friday February 09 2018, @03:53PM (1 child)
We're paid an absurd amount of money to do a job that really isn't that hard. And you want gratitude too?
(Score: 1) by i286NiNJA on Friday February 23 2018, @07:01PM
This is true but it's even more true of our leaders.
It's also the exact same shit you hear from people who do actually work really hard. Digging ditches is EASY and we're making $20/hr to do it!
It's no secret either; it's exactly what the epsilon minus semi moron told himself, and Brave New World was written nearly a century ago.
Why does tech let itself get kicked around by the likes of the RIAA and the MPAA, smaller industries with much smaller social contributions?
Stop kidding yourself even if it feels bad.