For Mozilla, Google and Bug Hunters, Bug Bounties Are Big Business

by Sam Dean - Jun. 20, 2011

We've written before about bug bounties--cash prizes offered by open source communities to anyone who finds key software bugs--ranging from FOSS Factory's bounty programs to the bounties that both Google (for the Chrome browser) and Mozilla offer. Over time, these cash rewards for the identification of software problems have become essential parts of the quality control process for many major open source projects, and not just browsers. Now, some interesting, specific information is emerging about exactly which kinds of bug discoverers are capitalizing on this trend. You may be surprised at what some of the big earners in the bug bounty business are paid for their efforts.

Just how large are the bug bounties paid by Google and Mozilla to people who find defects in their browsers? BBC News reports that Mozilla started its bug bounty program in 2004, and its top prize for finding a significant bug in Firefox is $3,000. Since 2004, Mozilla has reportedly paid out about $40,000 per year for found bugs. Meanwhile, BBC News reports that Google has paid out $50,000 in bug bounties for the Chrome browser. Mozilla and Google also supplied specific information about the top bug hunters:

 "[Mozilla's] top earner is a student in Germany who has bagged more than $30,000 (£18,000) from a series of discoveries. This year Russian programmer Sergey Glazunov became the first person to claim Google's highest bounty of $3133.70 (£2,000) for finding a weakness in its Chrome browser."

Not surprisingly, Google and Mozilla have been steadily increasing bug bounties over time, and Mozilla has expanded its bug bounty program beyond just the Firefox browser. 

It's confirmed that companies that know how to do open source well are having success with these bug bounties. Smaller players have latched onto the trend as well, and the cash-for-bugs game appears to be extending its reach as far as the eye can see.






1 Comments
 

I like those bug bounties, it really helps perfect the software.


0 Votes