Tag Archives: bug bounty

Any bug bounty program for BMBF or EU programs?

Most major players in the software industry have bug bounty programs. Apple (1M€ max), Facebook (500€ max), Github (10K€), Google (31K€). Others don’t pay anything like Ebay, clearly showing their appreciation. Does Ebay really believe that a “hall of fame” is a sufficient way to deal with security issues?

I wish, there would be also a “bug bounty program” for the research funding bodies. There are too many research programs, that nobody needs and nobody wants. If the funders would have qualified staff to do research, they would do research, and would not need to hire other people. Who will ever tell a BMBF research officer that his/her idea wasn’t useful for the German or the EU taxpayer?

example research program

An independent ranking of the research programs by the science community would be a useful resource…