Seeking opinions on Bug Bounties and whether they are 'good' for society/'bad' for society/inbetween/why?

Bug Bounty looks like a good way to earn money.

I'm more interested in wondering about the 'societal goals' of bug bounty work. And where the 'industry' ends up in 10-20 yrs.

For example: you could say bugs have, in the past, been a way to either 'fuck the system', or at least to say 'the system can be fucked' or 'look how fucked the system can be'. And most of bug bounties is helping out already rich-and-powerful corporations, which some could argue already have too much wealth, too much power. Maybe even so much power that the largest companies help maintain power over everyday citizens. The idea that: corporations are just as, or more powerful than governments, or work in tandem with governments to maintain the power i'm talking about.

On the other side, I imagine, people could say "well if you find bugs in software through a bug bounty system: you are protecting the everyday computer user from being exploited by data-breach etc."

Can bug bounty be generalised into one of these two camps? Are you more on one side of the fence than the other? I ask because I do not know all that much about this and am not sure what side of the fence I am on. I am mostly wondering about bug bounty as a phenomenon, and where it goes in 20 yrs time? do all corporations in 20 years time essentially 'own' all the top bounty hunters? do they put them up in big mansions and employ the bounty hunters just for their own company? might be a bad question but i wonder where the bug bounty system goes. It is helping massive corporations out isnt it. do they need the help? or is it helping everyday users? can such a generalization be made?

So I am wondering if anyone has a strong opinion about Bug Bounty? In terms of value to society or whatever your value system may be.

submitted by /u/Adept_Ad_8458
[link] [comments]

from hacking: security in practice https://ift.tt/3p75mLp

Comments