Given Enough Money, All Bugs Are Shallow
Summary: You don’t have to be a programmer or hacker to find Jeff Atwood’s post on security bugs interesting. Jeff compares the benefits and drawbacks of relying on open source communities to find and report security bugs in code with relying on commercial bug bounty programmes that reward people with large amounts of money. He concludes that open source projects need better funding and more competition for ecosystem diversity, and that money could easily skew the incentives for software security. Overall, Jeff remains hopeful that good people will freely report security bugs in open source software because:

“It is the right thing to do™ and they want to contribute back to open source projects that have helped them, and the world.”
May 2015

