Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

More Than 10% of Mozilla Bug Finders Refuse Cash

Soulskill posted more than 3 years ago | from the never-underestimate-the-power-of-free-swag dept.

Mozilla 115

angry tapir writes "The open-source Mozilla project has been offering cash bounties for security bugs for six years now, but often bug finders simply turn down the cash. Between 10 percent and 15 percent of the serious security bugs reported since Mozilla launched its bug bounty program have been provided free of charge, according to Mozilla."

cancel ×

115 comments

More evidence... (5, Funny)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#33161728)

More evidence, if any were needed, that "Open Source" software is a sinister communist plot that defies all sound economic principles.

Sincerely,
S. Ballmer.

Re:More evidence... (1)

jornak (1377831) | more than 3 years ago | (#33161826)

Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.

Re:More evidence... (4, Insightful)

VJ42 (860241) | more than 3 years ago | (#33161970)

Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.

That's effectively what they're doing - the 'charity' of their choice being the Mozilla foundation.

Re:More evidence... (1)

jornak (1377831) | more than 3 years ago | (#33162046)

I was thinking of something more along the lines of OLPC or any of those charitable organizations that help spread technology to people/places that regularly wouldn't have access to it.

Re:More evidence... (1)

Seumas (6865) | more than 3 years ago | (#33162126)

Nothing is stopping the bug-hunters from accepting the cash and donating it.

Re:More evidence... (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33162790)

Sure there is. Many of them probably are doing their work for a company. Major companies generally have positions on this that would preclude the "finder" from accepting (even for that moment required to donate it) any kind of a bonus or fee for their work since they were already paid for their work by their employer. I am pretty sure that explains this 10 - 15 percent right there. Not altruism. They are just constrained not to accept. Others are probably also constrained but choose to ignore their company policy.

Re:More evidence... (0)

Anonymous Coward | more than 3 years ago | (#33162348)

You mean like the Mozilla foundation for providing the free web browser that many of those efforts use?

Re:More evidence... (5, Insightful)

kg8484 (1755554) | more than 3 years ago | (#33162378)

Ah, so what you really meant is:

Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of my choice. Just sayin'.

Re:More evidence... (2, Insightful)

Snaller (147050) | more than 3 years ago | (#33166462)

Bullshit. The Mozilla foundation is not a charity nor is giving them money charity.

Re:More evidence... (1)

somegeekynick (1011759) | more than 3 years ago | (#33162006)

Charity? Do you mean like the Mozilla Foundation?

Re:More evidence... (2, Insightful)

maxume (22995) | more than 3 years ago | (#33162280)

It's a non-profit organization. That doesn't make it a charity, it just means it has a special tax status.

The fact that they accept donation gives some credence to the idea of calling them a charity; that they make far more money from their business activities at least makes it questionable.

Re:More evidence... (1)

clone53421 (1310749) | more than 3 years ago | (#33162376)

It is creating something valuable (Firefox, etc.) and giving it away free of charge. Charities give away things free of charge. They’re not terribly different... the only differences are what they’re giving away and who they’re giving it to and under what conditions or circumstances.

Re:More evidence... (1)

Peter Bortas (130) | more than 3 years ago | (#33162840)

That would then make Opera Software (to take an example in the same domain) a charity using the same test.

Re:More evidence... (1)

clone53421 (1310749) | more than 3 years ago | (#33162936)

I’d omitted/forgotten that a charity also needs to be a non-profit organisation (as maxume had already noted that Mozilla Foundation is a NPO) – perhaps I should have included it.

Re:More evidence... (5, Informative)

somegeekynick (1011759) | more than 3 years ago | (#33162426)

I realise that we might only end up debating semantics and matters concerning law (*shudder*) but, for what it's worth,

The Mozilla Foundation, which is registered as a charity in the United States...

Source [timesonline.co.uk] And, California registration by the Mozilla Foundation as a charitable trust [mozilla.org] .

Re:More evidence... (2, Informative)

Anonymous Coward | more than 3 years ago | (#33162094)

Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.

Maybe you should read the article?

"A lot of people would say, 'Don't worry about it. Donate it to the EFF [Electronic Frontier Foundation] or just send me a T-shirt,'"

Re:More evidence... (1)

AHuxley (892839) | more than 3 years ago | (#33162234)

Surgical kits, adult literacy, tropical medicine, animals, eye clinics, food banks, a laptop as a gift, lots of Ubuntu ect.

Re:More evidence... (2, Informative)

clarkkent09 (1104833) | more than 3 years ago | (#33162808)

a) 90% accept cash for their work. Evil bastards!

b) Talking about socialism, good thing we don't have unions in software industry or they wouldn't look too kindly on all these people working for free.

Re:More evidence... (1)

jellomizer (103300) | more than 3 years ago | (#33163854)

What I really want to know is how many of the people who Got Paid for fixing a serious bug fix were the ones who made it in the first place, or were they the ones that didn't take the money for the fix (as a matter of ethical pride)

10% really isn't that much.

Re:More evidence... (1)

ffnogoodnik (812414) | more than 3 years ago | (#33164838)

People did not get paid for fixing the bug, they got paid for finding it.

But 90% accept the cash... (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33161746)

Another nail in the coffin of socialism. Cash is the ultimate motivator.

Re:But 90% accept the cash... (4, Interesting)

bsDaemon (87307) | more than 3 years ago | (#33162112)

That's not necessarily true. Is 10% higher or lower than in previous years? Is the data such that a trend can be measured? besides, I wouldn't say that cash is necessarily the a direct motivator. Identifying that a bug exists is often times easier than being able to fix it, and tipping off the people who are in a position to fix a problem in a piece of software you rely on is also a valid motivation.

Alternatively, getting your name out there as someone who is smart and gets things done can and often does lead to other opportunities.

Re:But 90% accept the cash... (1)

spydabyte (1032538) | more than 3 years ago | (#33162650)

By your comment I cannot tell if you are a developer or someone not related to computers at all. Bug finding is not an easy task by any measure. Talk to your local Test Engineer.

Re:But 90% accept the cash... (1)

bsDaemon (87307) | more than 3 years ago | (#33162992)

I admin FreeBSD and Linux systems and do a bunch of q/a work on FreeBSD-based "black box" type networking devices for a specific type of client. I don't do a lot of dev work, what I do is mostly in Perl and BASH. I didn't mean to suggest that finding the bug in the code is easy, but that knowing when there is a problem is easier than doing anything about it.

My roll in q/a involves a lot of use-case testing, and gathering packet capture and log information for use in debugging any potential issues before a production release is rolled out. I don't do any patching of the C code base, in fact it's been months since I've had to use C for anything that wasn't just for fun.

Re:But 90% accept the cash... (1)

think_nix (1467471) | more than 3 years ago | (#33162826)

That's not necessarily true. Is 10% higher or lower than in previous years? Is the data such that a trend can be measured? besides, I wouldn't say that cash is necessarily the a direct motivator. Identifying that a bug exists is often times easier than being able to fix it, and tipping off the people who are in a position to fix a problem in a piece of software you rely on is also a valid motivation.

Alternatively, getting your name out there as someone who is smart and gets things done can and often does lead to other opportunities.

Not only your last statement but /*I*/ refuse cash back . It is OSS so giving back is /*my personal*/ way of thanking the rest of the community for their hard work and developing a very good product as a whole , improving that product and also giving free alternatives to commercial software is the main thing /* imho*/.

Re:But 90% accept the cash... (1)

Bloopie (991306) | more than 3 years ago | (#33162122)

So volunteers working for free is now called socialism?

Re:But 90% accept the cash... (1)

AHuxley (892839) | more than 3 years ago | (#33162396)

Philanthropy has family or band name value, the tax bonus and endless feel good publicity. Anonymous volunteers working for free are unfair competition in many areas.

Re:But 90% accept the cash... (1)

wisnoskij (1206448) | more than 3 years ago | (#33162152)

Accepting offered cash does not mean that was the motivation of finding the bug in the first place.

Re:But 90% accept the cash... (1)

think_nix (1467471) | more than 3 years ago | (#33162850)

Accepting offered cash does not mean that was the motivation of finding the bug in the first place.

devs have to eat right ?

Re:But 90% accept the cash... (1)

FudRucker (866063) | more than 3 years ago | (#33162304)

naw, i am semi-retired, i own a 10 wheeler dump truck that can haul 10 square yards of sand, gravel or dirt/top-soil, i work it when i want to so i am not desperate for money, if i found a bug or vulnerability in any open source software that is free i will submit a bug report through the usual channels for free, since they are good enough to give me free software i will return the favor to help them improve the product for free, (sounds fair to me and most everyone else)

Re:But 90% accept the cash... (2, Insightful)

El_Muerte_TDS (592157) | more than 3 years ago | (#33162652)

There are no statistics of how many people who accept the cash donate it to other open source projects who need the cash.

Re:But 90% accept the cash... (0)

Anonymous Coward | more than 3 years ago | (#33162834)

I don't get it. How do you get "socialism" out of turning down a reward or payment? Is that what socialists do?

Re:But 90% accept the cash... (1)

underqualified (1318035) | more than 3 years ago | (#33164404)

sex > cash

Actually (5, Funny)

Monkeedude1212 (1560403) | more than 3 years ago | (#33161762)

There was a bug in the bug submit form. I couldn't check off the box at the bottom that said "Wants Cash".

Does that form work in Netscape?

Re:Actually (4, Funny)

Winckle (870180) | more than 3 years ago | (#33161790)

Only in IE6 i'm afraid. :(

Re:Actually (1)

Drumster (1154519) | more than 3 years ago | (#33161904)

LOL

Re:Actually (1)

shadowrat (1069614) | more than 3 years ago | (#33166292)

that post WAS clever.

Goddamn Beatles! (1)

denzacar (181829) | more than 3 years ago | (#33161840)

And their subliminal programing. [youtube.com]

Job may not allow you to accept cash bounty (5, Informative)

catherder_finleyd (322974) | more than 3 years ago | (#33161940)

If one were to find the bug in the course of one's job, the employer may not allow you to accept a cash bounty. This is certainly the case in the US Federal Government, as well as many Federal Contractors.

Re:Job may not allow you to accept cash bounty (1)

clone53421 (1310749) | more than 3 years ago | (#33162438)

Reproduce the bug from home and send in the error report from there. You aren’t supposed to be using unapproved software anyway, and Firefox probably isn’t approved and installed on the computers by the IT department in most workplaces. Although, admittedly, the IT department might turn a blind eye toward people so long as they aren’t causing other problems.

Re:Job may not allow you to accept cash bounty (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33163306)

My personal experience is that developers at many or most US federal contractors have no problems running Firefox.

Many workplaces will relax such rules for workers who develop software as part of their jobs, and these are the individuals who will be finding bugs in the first place.

Re:Job may not allow you to accept cash bounty (3, Insightful)

thejam (655457) | more than 3 years ago | (#33162442)

Also, your work visa may not allow you to accept cash for work of another employer.

Re:Job may not allow you to accept cash bounty (2, Informative)

plcurechax (247883) | more than 3 years ago | (#33162836)

The situation may also become marginal or not worth the effort for foreigners to accept the cash, if they need to hire a tax lawyer to deal with foreign income, as most countries don't consider foreign prizes ("windfall") or "bounties" as tax-free (or zero-rate tax rate) income.

Let alone you live / work in a country that is not trusting of US Government and US organizations (think: Cuba, China, Philippines, Latin America), may consider it "proof" of being a spy. Why else would some foreign US non-profit organization group just "give" you money, you capitalist whore?

"Often"? (3, Insightful)

Thats_Pipe (837838) | more than 3 years ago | (#33161942)

"... often bug finders simply turn down the cash. Between 10 percent and 15 percent ..."

Not too sure what connotations "often" has for others but 10-15% doesn't really seem that "often"

Re:"Often"? (0)

Anonymous Coward | more than 3 years ago | (#33161982)

It's pretty often when you consider that they're turning down cash for spending time finding bugs. I don't know about you but I'd be glad to take that cash off their hands.

Re:"Often"? (5, Insightful)

correnos (1727834) | more than 3 years ago | (#33162090)

In the context of "here have some cash", 15% is pretty often.

Re:"Often"? (0)

Anonymous Coward | more than 3 years ago | (#33162738)

You'd be amazed what people will do for free. Exhibit A: Go to any bar on a Friday night and see who provides "free" services, works best near closing time when the female patrons are drunk and lonely.

Re:"Often"? (1)

Twillerror (536681) | more than 3 years ago | (#33162756)

I've never taken accounting, but when money is involved generally saying 10-15% is not a good idea.

( Number of bugs people who refused/Number of bugs submitted ) * 100

So if 1 person refused out of 4.

( 1 / 4 ) * 100 .25 * 100
25

25%

How can they only estimate 10-15%? Seems like a feeling more than a concrete report.

Re:"Often"? (1)

clone53421 (1310749) | more than 3 years ago | (#33163022)

It probably depends on whether you calculate it based on the number of bugs whose finder refused cash or the number of researchers who refused cash for the bug reports they had submitted. The article states that over 120 bugs have been found by about 80 researchers – some of the researchers submitted more than one bug.

Re:"Often"? (0)

Anonymous Coward | more than 3 years ago | (#33162332)

If one is hit by lightning every week, one would feel that one is often abused by Thor/Zeus/Mother Nature.

always > usually > often > occasionally > (rarely=seldom) > once in blue moon > never

BTW the "captcha" to submit this post was "decency" ;-)

Re:"Often"? (1)

easterberry (1826250) | more than 3 years ago | (#33162374)

You seem to be confusing "often" with "more often than not". They aren't the same thing.

Re:"Often"? (1)

MaWeiTao (908546) | more than 3 years ago | (#33162682)

I just looked up "often" in the dictionary. The definition provides reads, "frequently, many times".

I'd say you're unclear on the definition of often.

10%-15% may be more often than expected, but by no stretch of the imagination is it often.

Re:"Often"? (1)

clone53421 (1310749) | more than 3 years ago | (#33163076)

Both “frequently” and “many” are relative terms. You can have something occur more or less frequently than expected, or more or fewer times than expected.

“More often than not” is unambiguous and definite.

Re:"Often"? (1)

mobby_6kl (668092) | more than 3 years ago | (#33164958)

They are relative, but not completely meaningless. If you plot "often", "frequently" and perhaps "many times" on a scale from 0 to 100% ("never" to "always"), I, and I'd imagine... most people would expect to find all of the three significantly further to the right than the first tenth or 15%. The article (or the summary, I didn't RTFA) attempts to spin the story to make it sound like a higher number than it actually is.

I suggest some alternative headlines:
"Almost 90% of people take money from a non-profit for submitting bugs",
or
"Only about 10% of bug finders volunteer their effort for free".

Re:"Often"? (1)

clone53421 (1310749) | more than 3 years ago | (#33165390)

What’s misleading about “More Than 10% of Mozilla Bug Finders Refuse Cash”?

Re:"Often"? (1)

JLennox (942693) | more than 3 years ago | (#33162996)

If this was Microsoft it would be "15% of people refuse blood money"

Re:"Often"? (1)

clone53421 (1310749) | more than 3 years ago | (#33163166)

I’m personally all for accepting free blood money. You can probably put it to a more worthy use (or less destructive one, should we say) than they would if you refused it, after all.

If you want to make a point about it, it’s more effective to accept the money then turn around and give it to a charity that the blood-money givers would disapprove of [kmbz.com] .

15% is not a lot (-1, Redundant)

drHirudo (1830056) | more than 3 years ago | (#33162010)

"Between 10 percent and 15 percent" is not often in my math books. More than 50% may be considered often. Btw the latest 3.6.8 FireFox I have installed is a crash fest for me and crashes several time per day, without extensive surfing.

Re:15% is not a lot (4, Interesting)

Thiez (1281866) | more than 3 years ago | (#33162162)

It's more often than one would expect. If I walked around handing out free cash, and 49% of people refused it (that is, less than 'may be called often' according to you), that is still much more often than most people would expected.

Finding bugs could be considered a job. If 10 to 15% of people don't expect to be paid for their work, wouldn't you agree that's significantly more than expected?

Re:15% is not a lot (1, Informative)

Anonymous Coward | more than 3 years ago | (#33162166)

https://developer.mozilla.org/en/How_to_get_a_stacktrace_for_a_bug_report

https://developer.mozilla.org/en/Bug_writing_guidelines

Re:15% is not a lot (1)

bsDaemon (87307) | more than 3 years ago | (#33162256)

I'd say ~20% for often. 50%+ is "usualy" and over 75% can be "most of the time" with "nearly always" reserved for over 90%. So, depending on how you want to spin this, it can be "bug submitters nearly always accept cash," or "often times, bug submitters reject cash" (rounding 15% up to 20% for often-ness). But, as I noted in a previous post, the important thing is which way the numbers are trending, not necessarily what the numbers are, when determining how good news this is. The story title is actually pretty "fair and balanced" with how it frames it.

Re:15% is not a lot (1)

xenapan (1012909) | more than 3 years ago | (#33162758)

I work in software, so do alot of my friends, a few of em also exclusively do bug finding. Guess how often one of them tells their employer they dont want their salary? Pretty sure 10-15% is often when it comes to a job.

Multiple reasons (1)

randomencounter (653994) | more than 3 years ago | (#33162098)

Some people may not be able to accept the bounty, and others may simply feel they have already gotten sufficient value (free browser!).

Though even those with altruistic motives would find it hard to turn down $3000.

Re:Multiple reasons (1)

shadowrat (1069614) | more than 3 years ago | (#33162472)

it's $3000! holy shit!
  • step 1: contribute bug to mozilla
  • step 2: report bug
  • step 3: go directly to PROFIT!

nor would I accept it (3, Interesting)

FuckingNickName (1362625) | more than 3 years ago | (#33162132)

I've helped out in projects which help the wider community but which are controlled in some way by organisations which I do not approve of. In such cases, I refuse to take anything but expenses. Benefitting from some organisation of which you disapprove is morally bankrupt, but helping out a good cause which happens to be promoted by that organisation is a fine act.

To do a bit of occupatio:

1. No, the effort in finding the bug isn't an expense, unless you're one of those consumer-citizen types who translates each hour into some cash value;

2. Something exists outside of its ownership. It is not inconsistent to judge that Firefox is good but the Mozilla Foundation is bad.

Re:nor would I accept it (2, Funny)

Anonymous Coward | more than 3 years ago | (#33162250)

this post took me 27 seconds to read... you owe me $1.75.

Re:nor would I accept it (0)

Anonymous Coward | more than 3 years ago | (#33162528)

You really expect me to believe you are worth $233.33 an hour?

Re:nor would I accept it (1)

shadowrat (1069614) | more than 3 years ago | (#33162578)

but nothing helps organizations more than getting something for free. what's better for BP? if the community all went down and cleaned up the gulf for free? or if they had to pay through the ass to clean it up?

(a lot of my tax dollars went to cleaning, i support that, but i would support BP paying me back w interest)

Re:nor would I accept it (1)

FuckingNickName (1362625) | more than 3 years ago | (#33162760)

Assuming that some community of volunteers could reasonably do the work, then it depends on whether you think clearing up the oil spill or spiting BP is more important.

The poorest people in the world need to be left to suffer slow death by starvation, because helping them will only encourage their corrupt governments, right?

Re:nor would I accept it (1)

shadowrat (1069614) | more than 3 years ago | (#33163188)

Well, the important task is to clean/help. Finger pointing and punitive measures aren't going to address the situation. However, I don't see it as morally bankrupt to be compensated for that help.

Re:nor would I accept it (1)

Yvanhoe (564877) | more than 3 years ago | (#33162720)

I personally consider moral to do the opposite : provide for free a service to an organization you approve of, make pay organizations you disapprove of. I am not sure how this "moral bankruptcy thing" works.

Re:nor would I accept it (1)

Aliotroph (1297659) | more than 3 years ago | (#33162770)

If you're going to fix the bugs anyway then why not take the money and put it into an organization you do support?

Re:nor would I accept it (1)

Duradin (1261418) | more than 3 years ago | (#33162910)

More papers to deal with at tax time.

Re:nor would I accept it (1)

FuckingNickName (1362625) | more than 3 years ago | (#33163096)

Imagine that the Puppy Killing Party of North America (Republican/Democrat/ADL/ADC/AMI/PETA/whatever sinks your boat) saw that you happened to do something in some way aligned with their mission, even if not directly killing puppies.

They approached you and said, "On behalf of the puppy killers of North America, we're happy with what you've done and we'd like to present you with this cash sum of $1500."

What would you do?

Re:nor would I accept it (1)

clone53421 (1310749) | more than 3 years ago | (#33163194)

Accept the money and donate it to the Humane Society. Then call up the local news, they’d likely want to report on it.

Re:nor would I accept it (1)

FuckingNickName (1362625) | more than 3 years ago | (#33163322)

The Humane Society does their report. The Puppy Killing Party counterbalances by indicating that they're not for anything inhumane, just campaigning in support of outright killing of puppies. Hell, they've proven how much they are against anything truly evil by happily giving a cash sum to you to donate to the Humane Society. The Party leader gives another $500 to show how much he cares.

And the tenth time that the Humane Society receives a $1500 donation from the Puppy Killing Party thanks to your work, how do you think things will be playing out?

When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.

Re:nor would I accept it (1)

clone53421 (1310749) | more than 3 years ago | (#33163642)

I’m pretty sure the Humane Society is also against the outright killing of puppies, so your argument is completely ridiculous. And the tenth time the Humane Society receives a $1500 donation, they will have $15,000 worth of the Puppy Killing Party’s money that I have no doubt they will gladly put to better use than the Puppy Killing Party would have.

When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.

Sometimes you have no choice but to accept the payment and continue to do the work. [kmbz.com]

Re:nor would I accept it (1)

FuckingNickName (1362625) | more than 3 years ago | (#33163832)

I’m pretty sure the Humane Society is also against the outright killing of puppies,

What does "outright killing" mean? That puppies in general shouldn't be killed? We at the Puppy Killing Party of America don't believe that a puppy should necessarily be killed on sight. No, we have a set of rational criteria for puppy control. If a sensible proportion of puppies are killed, remaining puppies have the strength and resources to be properly looked after. Whereas many American so-called "humane" societies are happy to kill puppies at the request of the owner - though they'll use words like "euthanasia" and give the dog the indignity of dying in a white room with a needle - we believe in the right for humans to enjoy animal sports.

Because we're fundamentally both in favour of puppy killing, we are happy to donate this money through clone54321, who has done so much work for our cause over the past few months. Thanks to his work, our puppy-killing is now 15% more efficient.

Sometimes you have no choice but to accept the payment and continue to do the work.

Equivocation. Mine is a moral (free) choice, whereas in that case it was afaict required by law to run the ads.

Re:nor would I accept it (1)

Sir_Lewk (967686) | more than 3 years ago | (#33164342)

When you start discussing the finer points of the ethics of killing puppies, you can be pretty sure that your analogy has become unwieldy.

Seeing as you are not BadAnalogyGuy (or are you??), I advise that you just let it die...

Re:nor would I accept it (1)

FuckingNickName (1362625) | more than 3 years ago | (#33164600)

"Give a small amount of money to a charity which is perceived as opposing you," is a classical tactic, accompanied by rhetoric (not my opinion!) to disguise the organisation's true mission. What matters here is how the de facto public relations officer for the Puppy Killing Party feels about his position.

The PKP will continue giving money as long as the drop in an ocean payment to the Humane Society continues giving such great publicity.

Re:nor would I accept it (1)

clone53421 (1310749) | more than 3 years ago | (#33164672)

Publicity !== good publicity.

Re:nor would I accept it (1)

SleazyRidr (1563649) | more than 3 years ago | (#33166222)

When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.

Unless you've entered into a contract, that doesn't hold.

If I help fix your car, and you 'pay me' with a six pack of beer we're done. If you then use that car to run over orphans I won't return the beer on moral grounds. I would however refuse to help you fix your car again. (I would have refused you in the first instance if I'd known what you were going to do, but one can only act on the knowledge one has at the time.)

To fit into your analogy, I graciously accept the $2000 from the PKP, then refuse to help them again.

Re:nor would I accept it (1)

SleazyRidr (1563649) | more than 3 years ago | (#33166074)

I can see where your mindset is, but your morality should define what you do, not whether or not you get paid for it. By helping an organisation with whom you disagree, you've already betrayed your morality, so you may as well get something for it.

Re:nor would I accept it (0)

Anonymous Coward | more than 3 years ago | (#33166448)

Benefiting from some organization of which you disapprove is morally bankrupt

benefits TO such an organization is wrong; taking money from them is the opposite

No Money (1)

helix2301 (1105613) | more than 3 years ago | (#33162224)

The true geek will not take the money. They respect open source and want to help the open source community. Plus it's fun to find holes in software. No to mention firefox is such a great browser why not try and make it better.

That's why I'm not a geek. (-1, Troll)

Anonymous Coward | more than 3 years ago | (#33162660)

I'm a Systems Administrator.

You offer me money, I'm taking it.

You offer me enough money, maybe I don't delete the porn that you stashed on the network storage.

(What? I learned from the best. All glory to the Bastard.)

Re:No Money (1)

WhitePanther5000 (766529) | more than 3 years ago | (#33162838)

That's all well and good, but don't generalize. Bug fixers gotta eat too, ya know.

Re:No Money (0)

Anonymous Coward | more than 3 years ago | (#33164564)

The true geek will not take the money.

Unlike the true Scotsman, who will borrow the money.

What Nobel people... (0, Flamebait)

Itninja (937614) | more than 3 years ago | (#33162246)

I have heard that the Nobel prize people will call and ask someone if they would accept the prize if it were offered them. If they say yes, then it's "Great! You have been offered a Noble Prize in %category%!". But if the potential winner indicates they are not really interested in material prizes, they just never offer the prize at all. That way they can say no one has ever turned down a Nobel.

I wonder if the Firefox people do the same thing in reverse. They would call the potential bounty winners (maybe just those in $1000+ range) and say something like "Hi there. This security bug you found might be worth a decent size bounty. If we offered it to you, would you actually take our money or or do something noble and selfless like allowing us to donate it? ". If the winner says they would probably just donate it, then it's all "Super! We will donate it! You're the best". If they take the money then it's "No problem. We offer you $50 for this.".

Of course I seriously doubt this happens at all. But it's fun to start vicious rumors about non-profits >:)

Something more desired than cash. (5, Funny)

shadowrat (1069614) | more than 3 years ago | (#33162372)

These guys are probably finding bugs in Mozilla to get laid. I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots, basketball players, and CIA agents at the bar when I tell them about a DOM parsing error i discovered!

To seal the deal i tell them i didn't want the money as i'm already super rich. Tomorrow i leave for africa to help impoverished children install Ubuntu.

Re:Something more desired than cash. (1)

Maarx (1794262) | more than 3 years ago | (#33164082)

These guys are probably finding bugs in Mozilla to get laid. I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots, basketball players, and CIA agents at the bar when I tell them about a DOM parsing error i discovered!

To seal the deal i tell them i didn't want the money as i'm already super rich. Tomorrow i leave for africa to help impoverished children install Ubuntu.

From Ubuntu (philosophy) [wikipedia.org]

Ubuntu is an ethic or humanist philosophy focusing on people's allegiances and relations with each other. The word has its origin in the Bantu languages of southern Africa. Ubuntu is seen as a classical African concept. The Ubuntu operating system was named for this principle.

Re:Something more desired than cash. (1)

Monkeedude1212 (1560403) | more than 3 years ago | (#33164246)

Oh man, and I thought MY post was clever.

This made my day.

Re:Something more desired than cash. (0)

Anonymous Coward | more than 3 years ago | (#33165042)

I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots

My wingmen are fighter pilots, you insensitive clod!

Percentage at work? (1)

GoJays (1793832) | more than 3 years ago | (#33162446)

What percentage of the individuals who find a bug are currently on work time? If 10% of found bugs are on work time then they may not be able to accept cash from another company while being paid by their current employer. Discovering a bug on work time just means you are doing your job.

They turn down the money because... (0)

Anonymous Coward | more than 3 years ago | (#33162534)

...having not to use IE is priceless.

Some even find bugs and donate money to mozilla to keep preventing them from having to use IE.

One good reason to refuse cash... (0)

Anonymous Coward | more than 3 years ago | (#33163942)

... is because you'll have to pay more taxes and you don't want more money being used to kill Afghan civilians.

(That is if you live in a crappy country like the US).

I'd take an official "I found a bug T-shirt" (0)

Anonymous Coward | more than 3 years ago | (#33164122)

How about a T-shirt that says "I found a Mozilla security bug" T-shirt that includes a GPG-signed copy of your name and the message from the Mozilla foundation.

Costs $10 for the Mozilla foundation, and is worth way more in bragging rights than a couple of hundred/thousand bucks.

Just sayin'

Always take the cash! (0)

Anonymous Coward | more than 3 years ago | (#33164644)

Dumb. Take the cash, donate it back, deduct it from your taxes.

In other news (3, Insightful)

Zepalesque (468881) | more than 3 years ago | (#33166340)

Almost 90% of Mozilla Bug Finders Accept Cash Reward!

Microsost wont pay.... (1)

Methuselus (1011511) | more than 3 years ago | (#33166504)

because they'd go broke
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...