More Than 10% of Mozilla Bug Finders Refuse Cash

← Back to Stories (view on slashdot.org)

More Than 10% of Mozilla Bug Finders Refuse Cash

Posted by Soulskill on Friday August 6, 2010 @02:29AM from the never-underestimate-the-power-of-free-swag dept.

angry tapir writes "The open-source Mozilla project has been offering cash bounties for security bugs for six years now, but often bug finders simply turn down the cash. Between 10 percent and 15 percent of the serious security bugs reported since Mozilla launched its bug bounty program have been provided free of charge, according to Mozilla."

115 comments

Min score:

Reason:

Sort:

More evidence... by fuzzyfuzzyfungus · 2010-08-06 02:31 · Score: 5, Funny

More evidence, if any were needed, that "Open Source" software is a sinister communist plot that defies all sound economic principles.

Sincerely,
S. Ballmer.
1. Re:More evidence... by jornak · 2010-08-06 02:35 · Score: 1
  
  Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.
2. Re:More evidence... by VJ42 · 2010-08-06 02:45 · Score: 4, Insightful
  
  Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.
  That's effectively what they're doing - the 'charity' of their choice being the Mozilla foundation.
  
  --
  If I have nothing to hide, you have no reason to search me
3. Re:More evidence... by somegeekynick · 2010-08-06 02:46 · Score: 1
  
  Charity? Do you mean like the Mozilla Foundation?
4. Re:More evidence... by jornak · 2010-08-06 02:48 · Score: 1
  
  I was thinking of something more along the lines of OLPC or any of those charitable organizations that help spread technology to people/places that regularly wouldn't have access to it.
5. Re:More evidence... by Anonymous Coward · 2010-08-06 02:52 · Score: 2, Informative
  
  Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of their choice. Just sayin'.
  Maybe you should read the article?
  "A lot of people would say, 'Don't worry about it. Donate it to the EFF [Electronic Frontier Foundation] or just send me a T-shirt,'"
6. Re:More evidence... by Seumas · 2010-08-06 02:53 · Score: 1
  
  Nothing is stopping the bug-hunters from accepting the cash and donating it.
7. Re:More evidence... by AHuxley · 2010-08-06 03:01 · Score: 1
  
  Surgical kits, adult literacy, tropical medicine, animals, eye clinics, food banks, a laptop as a gift, lots of Ubuntu ect.
  
  --
  Domestic spying is now "Benign Information Gathering"
8. Re:More evidence... by maxume · 2010-08-06 03:04 · Score: 2, Insightful
  
  It's a non-profit organization. That doesn't make it a charity, it just means it has a special tax status.
  The fact that they accept donation gives some credence to the idea of calling them a charity; that they make far more money from their business activities at least makes it questionable.
  
  --
  Nerd rage is the funniest rage.
9. Re:More evidence... by Anonymous Coward · 2010-08-06 03:08 · Score: 0
  
  You mean like the Mozilla foundation for providing the free web browser that many of those efforts use?
10. Re:More evidence... by clone53421 · 2010-08-06 03:10 · Score: 1
  
  It is creating something valuable (Firefox, etc.) and giving it away free of charge. Charities give away things free of charge. They’re not terribly different... the only differences are what they’re giving away and who they’re giving it to and under what conditions or circumstances.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
11. Re:More evidence... by kg8484 · 2010-08-06 03:10 · Score: 5, Insightful
  
  Ah, so what you really meant is:
  
  Y'know if they wanted to refuse the cash... instead of letting Mozilla keep it, have them donate it to the charity of my choice. Just sayin'.
12. Re:More evidence... by somegeekynick · 2010-08-06 03:13 · Score: 5, Informative
  
  I realise that we might only end up debating semantics and matters concerning law (*shudder*) but, for what it's worth,
  
  The Mozilla Foundation, which is registered as a charity in the United States...
  Source And, California registration by the Mozilla Foundation as a charitable trust.
13. Re:More evidence... by Anonymous Coward · 2010-08-06 03:38 · Score: 1, Interesting
  
  Sure there is. Many of them probably are doing their work for a company. Major companies generally have positions on this that would preclude the "finder" from accepting (even for that moment required to donate it) any kind of a bonus or fee for their work since they were already paid for their work by their employer. I am pretty sure that explains this 10 - 15 percent right there. Not altruism. They are just constrained not to accept. Others are probably also constrained but choose to ignore their company policy.
14. Re:More evidence... by clarkkent09 · 2010-08-06 03:39 · Score: 2, Informative
  
  a) 90% accept cash for their work. Evil bastards!
  
  b) Talking about socialism, good thing we don't have unions in software industry or they wouldn't look too kindly on all these people working for free.
  
  --
  Negative moral value of force outweighs the positive value of good intentions.
15. Re:More evidence... by Peter+Bortas · 2010-08-06 03:41 · Score: 1
  
  That would then make Opera Software (to take an example in the same domain) a charity using the same test.
16. Re:More evidence... by clone53421 · 2010-08-06 03:49 · Score: 1
  
  I’d omitted/forgotten that a charity also needs to be a non-profit organisation (as maxume had already noted that Mozilla Foundation is a NPO) – perhaps I should have included it.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
17. Re:More evidence... by jellomizer · 2010-08-06 04:48 · Score: 1
  
  What I really want to know is how many of the people who Got Paid for fixing a serious bug fix were the ones who made it in the first place, or were they the ones that didn't take the money for the fix (as a matter of ethical pride)
  10% really isn't that much.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
18. Re:More evidence... by ffnogoodnik · 2010-08-06 05:40 · Score: 1
  
  People did not get paid for fixing the bug, they got paid for finding it.
19. Re:More evidence... by Snaller · 2010-08-06 07:07 · Score: 2, Insightful
  
  Bullshit. The Mozilla foundation is not a charity nor is giving them money charity.
  
  --
  If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
20. Re:More evidence... by Anonymous Coward · 2010-08-06 07:37 · Score: 0
  
  Um, I'm sure you're wrong. I doubt many of these people overly care about Mozilla Foundation in particular; Chrome bug reporters similarly refuse money. They just refuse to take money for their services. Maybe you've heard of scientists doing the same? It's a shared (minority) opinion in the security industry.
  
  In fact, I think this attitude -- not philanthropy or altruism, but more like mutual aid; an unselfish action without concern for another -- is the natural human response, and it isn't until one becomes cynical and accustomed to our trade-oriented capitalist world that one expects payment in return for services. To this group, accepting recompense is like a besmirch on one's honor; it makes them feel guilty and sullied to even think about it.
  
  Anyway, it's amusing to see so many Slashdotters aghast at the notion of doing hard and laborious work for free.
21. Re:More evidence... by radish · 2010-08-06 07:56 · Score: 1
  
  Well of course it depends on your definition of "charity", but under general US/IRS usage, yes they are.
  
  --
  ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
22. Re:More evidence... by mobby_6kl · 2010-08-06 08:12 · Score: 1
  
  IANAL, although I did have an intro course on US business law. The Mozilla foundation appears to be a non-profit, and not a charity, as you claim. There's a difference between the two.
  Also, Mozilla Corporation is a for-profit subsidiary of the former, though I'm not sure if they're actually the ones giving out these bounties.
23. Re:More evidence... by mobby_6kl · 2010-08-06 08:23 · Score: 1
  
  Well fuck me, I might be wrong here. Somebody way down the thread posted a link to California registration of "charitable funds". I'm too hungry to decipher the 30 pages right now, but it very well might be a charity, at least legally by California's registration.
24. Re:More evidence... by Anonymous Coward · 2010-08-06 08:25 · Score: 0
  
  If you want the money to go to a charity, YOU should accept the payment and handle the transaction yourself. Why do you want to burden the Mozilla foundation (in time and money) with doing your good deed?
  Just sayin'.
25. Re:More evidence... by dubdays · 2010-08-06 08:49 · Score: 1
  
  Just an FYI...From the Mozilla website: "The Mozilla Foundation is a California non-profit corporation exempt from federal income taxation under IRC 501(c)3. Donations are tax deductible for U.S. citizens. For donors outside of the United States, please consult with your tax advisor about whether your donation will be tax deductible."
But 90% accept the cash... by Anonymous Coward · 2010-08-06 02:32 · Score: 1, Insightful

Another nail in the coffin of socialism. Cash is the ultimate motivator.
1. Re:But 90% accept the cash... by bsDaemon · 2010-08-06 02:52 · Score: 4, Interesting
  
  That's not necessarily true. Is 10% higher or lower than in previous years? Is the data such that a trend can be measured? besides, I wouldn't say that cash is necessarily the a direct motivator. Identifying that a bug exists is often times easier than being able to fix it, and tipping off the people who are in a position to fix a problem in a piece of software you rely on is also a valid motivation.
  Alternatively, getting your name out there as someone who is smart and gets things done can and often does lead to other opportunities.
2. Re:But 90% accept the cash... by Bloopie · 2010-08-06 02:53 · Score: 1
  
  So volunteers working for free is now called socialism?
3. Re:But 90% accept the cash... by wisnoskij · 2010-08-06 02:55 · Score: 1
  
  Accepting offered cash does not mean that was the motivation of finding the bug in the first place.
  
  --
  Troll is not a replacement for I disagree.
4. Re:But 90% accept the cash... by FudRucker · 2010-08-06 03:05 · Score: 1
  
  naw, i am semi-retired, i own a 10 wheeler dump truck that can haul 10 square yards of sand, gravel or dirt/top-soil, i work it when i want to so i am not desperate for money, if i found a bug or vulnerability in any open source software that is free i will submit a bug report through the usual channels for free, since they are good enough to give me free software i will return the favor to help them improve the product for free, (sounds fair to me and most everyone else)
  
  --
  Politics is Treachery, Religion is Brainwashing
5. Re:But 90% accept the cash... by AHuxley · 2010-08-06 03:11 · Score: 1
  
  Philanthropy has family or band name value, the tax bonus and endless feel good publicity. Anonymous volunteers working for free are unfair competition in many areas.
  
  --
  Domestic spying is now "Benign Information Gathering"
6. Re:But 90% accept the cash... by spydabyte · 2010-08-06 03:27 · Score: 1
  
  By your comment I cannot tell if you are a developer or someone not related to computers at all. Bug finding is not an easy task by any measure. Talk to your local Test Engineer.
7. Re:But 90% accept the cash... by El_Muerte_TDS · 2010-08-06 03:27 · Score: 2, Insightful
  
  There are no statistics of how many people who accept the cash donate it to other open source projects who need the cash.
8. Re:But 90% accept the cash... by think_nix · 2010-08-06 03:39 · Score: 1
  
  That's not necessarily true. Is 10% higher or lower than in previous years? Is the data such that a trend can be measured? besides, I wouldn't say that cash is necessarily the a direct motivator. Identifying that a bug exists is often times easier than being able to fix it, and tipping off the people who are in a position to fix a problem in a piece of software you rely on is also a valid motivation.
  Alternatively, getting your name out there as someone who is smart and gets things done can and often does lead to other opportunities.
  Not only your last statement but /*I*/ refuse cash back . It is OSS so giving back is /*my personal*/ way of thanking the rest of the community for their hard work and developing a very good product as a whole , improving that product and also giving free alternatives to commercial software is the main thing /* imho*/.
9. Re:But 90% accept the cash... by Anonymous Coward · 2010-08-06 03:40 · Score: 0
  
  I don't get it. How do you get "socialism" out of turning down a reward or payment? Is that what socialists do?
10. Re:But 90% accept the cash... by think_nix · 2010-08-06 03:41 · Score: 1
  
  Accepting offered cash does not mean that was the motivation of finding the bug in the first place.
  devs have to eat right ?
11. Re:But 90% accept the cash... by bsDaemon · 2010-08-06 03:53 · Score: 1
  
  I admin FreeBSD and Linux systems and do a bunch of q/a work on FreeBSD-based "black box" type networking devices for a specific type of client. I don't do a lot of dev work, what I do is mostly in Perl and BASH. I didn't mean to suggest that finding the bug in the code is easy, but that knowing when there is a problem is easier than doing anything about it.
  My roll in q/a involves a lot of use-case testing, and gathering packet capture and log information for use in debugging any potential issues before a production release is rolled out. I don't do any patching of the C code base, in fact it's been months since I've had to use C for anything that wasn't just for fun.
12. Re:But 90% accept the cash... by underqualified · 2010-08-06 05:16 · Score: 1
  
  sex > cash
13. Re:But 90% accept the cash... by mcgrew · 2010-08-06 07:25 · Score: 1
  
  Like the Freak Brothers said back in the seventies, "Dope will get you through times of no money better than money will get you through times of no dope.
  Sex == cash.
  
  --
  Free Martian Whores!
14. Re:But 90% accept the cash... by Anonymous Coward · 2010-08-06 08:54 · Score: 0
  
  hcc: missing subject in line 1, sentence 1: "Not only your last statement but refuse cash back ."
Actually by Monkeedude1212 · 2010-08-06 02:33 · Score: 5, Funny

There was a bug in the bug submit form. I couldn't check off the box at the bottom that said "Wants Cash".
Does that form work in Netscape?
1. Re:Actually by Winckle · 2010-08-06 02:34 · Score: 4, Funny
  
  Only in IE6 i'm afraid. :(
2. Re:Actually by Drumster · 2010-08-06 02:40 · Score: 1
  
  LOL
3. Re:Actually by shadowrat · 2010-08-06 06:58 · Score: 1
  
  that post WAS clever.
Goddamn Beatles! by denzacar · 2010-08-06 02:36 · Score: 1

And their subliminal programing.

--
Mit der Dummheit kämpfen Götter selbst vergebens
Job may not allow you to accept cash bounty by catherder_finleyd · 2010-08-06 02:43 · Score: 5, Informative

If one were to find the bug in the course of one's job, the employer may not allow you to accept a cash bounty. This is certainly the case in the US Federal Government, as well as many Federal Contractors.
1. Re:Job may not allow you to accept cash bounty by clone53421 · 2010-08-06 03:14 · Score: 1
  
  Reproduce the bug from home and send in the error report from there. You aren’t supposed to be using unapproved software anyway, and Firefox probably isn’t approved and installed on the computers by the IT department in most workplaces. Although, admittedly, the IT department might turn a blind eye toward people so long as they aren’t causing other problems.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
2. Re:Job may not allow you to accept cash bounty by thejam · 2010-08-06 03:14 · Score: 3, Insightful
  
  Also, your work visa may not allow you to accept cash for work of another employer.
3. Re:Job may not allow you to accept cash bounty by plcurechax · 2010-08-06 03:41 · Score: 2, Informative
  
  The situation may also become marginal or not worth the effort for foreigners to accept the cash, if they need to hire a tax lawyer to deal with foreign income, as most countries don't consider foreign prizes ("windfall") or "bounties" as tax-free (or zero-rate tax rate) income.
  Let alone you live / work in a country that is not trusting of US Government and US organizations (think: Cuba, China, Philippines, Latin America), may consider it "proof" of being a spy. Why else would some foreign US non-profit organization group just "give" you money, you capitalist whore?
4. Re:Job may not allow you to accept cash bounty by Anonymous Coward · 2010-08-06 04:13 · Score: 1, Insightful
  
  My personal experience is that developers at many or most US federal contractors have no problems running Firefox.
  Many workplaces will relax such rules for workers who develop software as part of their jobs, and these are the individuals who will be finding bugs in the first place.
"Often"? by Thats_Pipe · 2010-08-06 02:43 · Score: 3, Insightful

"... often bug finders simply turn down the cash. Between 10 percent and 15 percent ..."

Not too sure what connotations "often" has for others but 10-15% doesn't really seem that "often"

--
"You see them trees out back, I take care of them. I'm a tree, I'm a tree wizard." - Crazy Homeless Guy
1. Re:"Often"? by Anonymous Coward · 2010-08-06 02:45 · Score: 0
  
  It's pretty often when you consider that they're turning down cash for spending time finding bugs. I don't know about you but I'd be glad to take that cash off their hands.
2. Re:"Often"? by correnos · 2010-08-06 02:51 · Score: 5, Insightful
  
  In the context of "here have some cash", 15% is pretty often.
3. Re:"Often"? by Anonymous Coward · 2010-08-06 03:07 · Score: 0
  
  If one is hit by lightning every week, one would feel that one is often abused by Thor/Zeus/Mother Nature.
  always > usually > often > occasionally > (rarely=seldom) > once in blue moon > never
  BTW the "captcha" to submit this post was "decency" ;-)
4. Re:"Often"? by easterberry · 2010-08-06 03:09 · Score: 1
  
  You seem to be confusing "often" with "more often than not". They aren't the same thing.
5. Re:"Often"? by MaWeiTao · 2010-08-06 03:30 · Score: 1
  
  I just looked up "often" in the dictionary. The definition provides reads, "frequently, many times".
  I'd say you're unclear on the definition of often.
  10%-15% may be more often than expected, but by no stretch of the imagination is it often.
6. Re:"Often"? by Anonymous Coward · 2010-08-06 03:33 · Score: 0
  
  You'd be amazed what people will do for free. Exhibit A: Go to any bar on a Friday night and see who provides "free" services, works best near closing time when the female patrons are drunk and lonely.
7. Re:"Often"? by Twillerror · 2010-08-06 03:35 · Score: 1
  
  I've never taken accounting, but when money is involved generally saying 10-15% is not a good idea.
  ( Number of bugs people who refused/Number of bugs submitted ) * 100
  So if 1 person refused out of 4.
  ( 1 / 4 ) * 100 .25 * 100
  25
  25%
  How can they only estimate 10-15%? Seems like a feeling more than a concrete report.
8. Re:"Often"? by JLennox · 2010-08-06 03:53 · Score: 1
  
  If this was Microsoft it would be "15% of people refuse blood money"
9. Re:"Often"? by clone53421 · 2010-08-06 03:55 · Score: 1
  
  It probably depends on whether you calculate it based on the number of bugs whose finder refused cash or the number of researchers who refused cash for the bug reports they had submitted. The article states that over 120 bugs have been found by about 80 researchers – some of the researchers submitted more than one bug.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
10. Re:"Often"? by clone53421 · 2010-08-06 03:58 · Score: 1
  
  Both “frequently” and “many” are relative terms. You can have something occur more or less frequently than expected, or more or fewer times than expected.
  “More often than not” is unambiguous and definite.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
11. Re:"Often"? by clone53421 · 2010-08-06 04:05 · Score: 1
  
  I’m personally all for accepting free blood money. You can probably put it to a more worthy use (or less destructive one, should we say) than they would if you refused it, after all.
  If you want to make a point about it, it’s more effective to accept the money then turn around and give it to a charity that the blood-money givers would disapprove of.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
12. Re:"Often"? by mobby_6kl · 2010-08-06 05:47 · Score: 1
  
  They are relative, but not completely meaningless. If you plot "often", "frequently" and perhaps "many times" on a scale from 0 to 100% ("never" to "always"), I, and I'd imagine... most people would expect to find all of the three significantly further to the right than the first tenth or 15%. The article (or the summary, I didn't RTFA) attempts to spin the story to make it sound like a higher number than it actually is.
  I suggest some alternative headlines:
  "Almost 90% of people take money from a non-profit for submitting bugs",
  or
  "Only about 10% of bug finders volunteer their effort for free".
13. Re:"Often"? by clone53421 · 2010-08-06 06:09 · Score: 1
  
  What’s misleading about “More Than 10% of Mozilla Bug Finders Refuse Cash”?
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
14. Re:"Often"? by mobby_6kl · 2010-08-06 08:04 · Score: 1
  
  That headline is not too bad, "more than" of course means just that, a>b, but it is often used similarly to "up to". The actual number can be 10.01% and it would be still technically accurate, which is admittedly the best kind of accurate.
  Mostly though, it's just the perception that it gives the reader. Would you not say that it makes this result sound good, while, let's say, "More Than 85%* of Mozilla Bug Finders Take the Cash" paint a somewhat different picture?
  *Note that this is based on their highest estimate too
15% is not a lot by drHirudo · 2010-08-06 02:47 · Score: -1, Redundant

"Between 10 percent and 15 percent" is not often in my math books. More than 50% may be considered often. Btw the latest 3.6.8 FireFox I have installed is a crash fest for me and crashes several time per day, without extensive surfing.
1. Re:15% is not a lot by Thiez · 2010-08-06 02:56 · Score: 4, Interesting
  
  It's more often than one would expect. If I walked around handing out free cash, and 49% of people refused it (that is, less than 'may be called often' according to you), that is still much more often than most people would expected.
  Finding bugs could be considered a job. If 10 to 15% of people don't expect to be paid for their work, wouldn't you agree that's significantly more than expected?
2. Re:15% is not a lot by Anonymous Coward · 2010-08-06 02:56 · Score: 1, Informative
  
  https://developer.mozilla.org/en/How_to_get_a_stacktrace_for_a_bug_report
  https://developer.mozilla.org/en/Bug_writing_guidelines
3. Re:15% is not a lot by bsDaemon · 2010-08-06 03:02 · Score: 1
  
  I'd say ~20% for often. 50%+ is "usualy" and over 75% can be "most of the time" with "nearly always" reserved for over 90%. So, depending on how you want to spin this, it can be "bug submitters nearly always accept cash," or "often times, bug submitters reject cash" (rounding 15% up to 20% for often-ness). But, as I noted in a previous post, the important thing is which way the numbers are trending, not necessarily what the numbers are, when determining how good news this is. The story title is actually pretty "fair and balanced" with how it frames it.
4. Re:15% is not a lot by xenapan · 2010-08-06 03:35 · Score: 1
  
  I work in software, so do alot of my friends, a few of em also exclusively do bug finding. Guess how often one of them tells their employer they dont want their salary? Pretty sure 10-15% is often when it comes to a job.
  
  --
  insert funny sig here
5. Re:15% is not a lot by Anonymous Coward · 2010-08-06 08:28 · Score: 0
  
  > If I walked around handing out free cash, and 49% of people refused it
  > (that is, less than 'may be called often' according to you), that is still
  > much more often than most people would expected.
  In an old candid camera skit, someone tried that on TV. Had a wad of bills (today's value maybe $2), stood on a busy street corner, approaching passers by, waving a bill, saying "Fiver? Want a fiver? Here! Take a fiver! It's free!"
  A vast majority of people gave him a wide berth and a dirty suspicious look - what category of a loon are you exactly?
Multiple reasons by randomencounter · 2010-08-06 02:52 · Score: 1

Some people may not be able to accept the bounty, and others may simply feel they have already gotten sufficient value (free browser!).
Though even those with altruistic motives would find it hard to turn down $3000.

--
Forget diamonds, copyright is forever.
1. Re:Multiple reasons by shadowrat · 2010-08-06 03:16 · Score: 1
  it's $3000! holy shit!
  
  step 1: contribute bug to mozilla
  step 2: report bug
  step 3: go directly to PROFIT!
nor would I accept it by FuckingNickName · 2010-08-06 02:53 · Score: 3, Interesting

I've helped out in projects which help the wider community but which are controlled in some way by organisations which I do not approve of. In such cases, I refuse to take anything but expenses. Benefitting from some organisation of which you disapprove is morally bankrupt, but helping out a good cause which happens to be promoted by that organisation is a fine act.
To do a bit of occupatio:
1. No, the effort in finding the bug isn't an expense, unless you're one of those consumer-citizen types who translates each hour into some cash value;
2. Something exists outside of its ownership. It is not inconsistent to judge that Firefox is good but the Mozilla Foundation is bad.
1. Re:nor would I accept it by Anonymous Coward · 2010-08-06 03:02 · Score: 2, Funny
  
  this post took me 27 seconds to read... you owe me $1.75.
2. Re:nor would I accept it by Anonymous Coward · 2010-08-06 03:19 · Score: 0
  
  You really expect me to believe you are worth $233.33 an hour?
3. Re:nor would I accept it by shadowrat · 2010-08-06 03:22 · Score: 1
  
  but nothing helps organizations more than getting something for free. what's better for BP? if the community all went down and cleaned up the gulf for free? or if they had to pay through the ass to clean it up?
  
  (a lot of my tax dollars went to cleaning, i support that, but i would support BP paying me back w interest)
4. Re:nor would I accept it by Yvanhoe · 2010-08-06 03:32 · Score: 1
  
  I personally consider moral to do the opposite : provide for free a service to an organization you approve of, make pay organizations you disapprove of. I am not sure how this "moral bankruptcy thing" works.
  
  --
  The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
5. Re:nor would I accept it by FuckingNickName · 2010-08-06 03:36 · Score: 1
  
  Assuming that some community of volunteers could reasonably do the work, then it depends on whether you think clearing up the oil spill or spiting BP is more important.
  The poorest people in the world need to be left to suffer slow death by starvation, because helping them will only encourage their corrupt governments, right?
6. Re:nor would I accept it by Aliotroph · 2010-08-06 03:37 · Score: 1
  
  If you're going to fix the bugs anyway then why not take the money and put it into an organization you do support?
7. Re:nor would I accept it by Duradin · 2010-08-06 03:45 · Score: 1
  
  More papers to deal with at tax time.
8. Re:nor would I accept it by FuckingNickName · 2010-08-06 04:00 · Score: 1
  
  Imagine that the Puppy Killing Party of North America (Republican/Democrat/ADL/ADC/AMI/PETA/whatever sinks your boat) saw that you happened to do something in some way aligned with their mission, even if not directly killing puppies.
  They approached you and said, "On behalf of the puppy killers of North America, we're happy with what you've done and we'd like to present you with this cash sum of $1500."
  What would you do?
9. Re:nor would I accept it by shadowrat · 2010-08-06 04:06 · Score: 1
  
  Well, the important task is to clean/help. Finger pointing and punitive measures aren't going to address the situation. However, I don't see it as morally bankrupt to be compensated for that help.
10. Re:nor would I accept it by clone53421 · 2010-08-06 04:06 · Score: 1
  
  Accept the money and donate it to the Humane Society. Then call up the local news, they’d likely want to report on it.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
11. Re:nor would I accept it by FuckingNickName · 2010-08-06 04:14 · Score: 1
  
  The Humane Society does their report. The Puppy Killing Party counterbalances by indicating that they're not for anything inhumane, just campaigning in support of outright killing of puppies. Hell, they've proven how much they are against anything truly evil by happily giving a cash sum to you to donate to the Humane Society. The Party leader gives another $500 to show how much he cares.
  And the tenth time that the Humane Society receives a $1500 donation from the Puppy Killing Party thanks to your work, how do you think things will be playing out?
  When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.
12. Re:nor would I accept it by clone53421 · 2010-08-06 04:32 · Score: 1
  
  I’m pretty sure the Humane Society is also against the outright killing of puppies, so your argument is completely ridiculous. And the tenth time the Humane Society receives a $1500 donation, they will have $15,000 worth of the Puppy Killing Party’s money that I have no doubt they will gladly put to better use than the Puppy Killing Party would have.
  
  When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.
  Sometimes you have no choice but to accept the payment and continue to do the work.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
13. Re:nor would I accept it by FuckingNickName · 2010-08-06 04:47 · Score: 1
  
  I’m pretty sure the Humane Society is also against the outright killing of puppies,
  What does "outright killing" mean? That puppies in general shouldn't be killed? We at the Puppy Killing Party of America don't believe that a puppy should necessarily be killed on sight. No, we have a set of rational criteria for puppy control. If a sensible proportion of puppies are killed, remaining puppies have the strength and resources to be properly looked after. Whereas many American so-called "humane" societies are happy to kill puppies at the request of the owner - though they'll use words like "euthanasia" and give the dog the indignity of dying in a white room with a needle - we believe in the right for humans to enjoy animal sports.
  Because we're fundamentally both in favour of puppy killing, we are happy to donate this money through clone54321, who has done so much work for our cause over the past few months. Thanks to his work, our puppy-killing is now 15% more efficient.
  
  Sometimes you have no choice but to accept the payment and continue to do the work.
  Equivocation. Mine is a moral (free) choice, whereas in that case it was afaict required by law to run the ads.
14. Re:nor would I accept it by Sir_Lewk · 2010-08-06 05:13 · Score: 1
  
  When you start discussing the finer points of the ethics of killing puppies, you can be pretty sure that your analogy has become unwieldy.
  Seeing as you are not BadAnalogyGuy (or are you??), I advise that you just let it die...
  
  --
  "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
15. Re:nor would I accept it by FuckingNickName · 2010-08-06 05:27 · Score: 1
  
  "Give a small amount of money to a charity which is perceived as opposing you," is a classical tactic, accompanied by rhetoric (not my opinion!) to disguise the organisation's true mission. What matters here is how the de facto public relations officer for the Puppy Killing Party feels about his position.
  The PKP will continue giving money as long as the drop in an ocean payment to the Humane Society continues giving such great publicity.
16. Re:nor would I accept it by clone53421 · 2010-08-06 05:31 · Score: 1
  
  Publicity !== good publicity.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
17. Re:nor would I accept it by SleazyRidr · 2010-08-06 06:46 · Score: 1
  
  I can see where your mindset is, but your morality should define what you do, not whether or not you get paid for it. By helping an organisation with whom you disagree, you've already betrayed your morality, so you may as well get something for it.
  
  --
  Is 1563649 a prime number?
18. Re:nor would I accept it by SleazyRidr · 2010-08-06 06:54 · Score: 1
  
  When someone pays you for work you do, you're working for them. If you don't want to work for them, you have no choice but to refuse their payment.
  Unless you've entered into a contract, that doesn't hold.
  If I help fix your car, and you 'pay me' with a six pack of beer we're done. If you then use that car to run over orphans I won't return the beer on moral grounds. I would however refuse to help you fix your car again. (I would have refused you in the first instance if I'd known what you were going to do, but one can only act on the knowledge one has at the time.)
  To fit into your analogy, I graciously accept the $2000 from the PKP, then refuse to help them again.
  
  --
  Is 1563649 a prime number?
19. Re:nor would I accept it by Anonymous Coward · 2010-08-06 07:07 · Score: 0
  
  Benefiting from some organization of which you disapprove is morally bankrupt
  benefits TO such an organization is wrong; taking money from them is the opposite
20. Re:nor would I accept it by FuckingNickName · 2010-08-06 07:10 · Score: 1
  
  To fit into your analogy, I graciously accept the $2000 from the PKP, then refuse to help them again.
  You know from the start that your work is incidentally helping the Mozilla Foundation.
  But even if you didn't, what if your work happened to mean that you regularly do stuff which you find out incidentally helps the PKP (e.g. you write some open source product from which they greatly benefit)? Do you refuse further payments? Stop working on the product?
21. Re:nor would I accept it by SleazyRidr · 2010-08-06 07:34 · Score: 1
  
  It's all about a cost benefit analysis.
  How much does the PKP benefit from my work? How much does the humane society benefit from my work? If the sums of the goods outweigh the sums of the evils then I continue. Accepting any money the PKP wants to give me.
  Perhaps I would give more credence to feedback from the humane society than from the PKP, adding the features that the humane society wants, but not those that the PKP wants. If the PKP happens to incidentally benefit from an improvement I make for the humane society and chooses to send me money then that's a double-win for me.
  
  --
  Is 1563649 a prime number?
22. Re:nor would I accept it by FuckingNickName · 2010-08-06 08:44 · Score: 1
  
  So... doing work which benefits an organisation is wrong, but it can be cancelled out somewhat if they pay me. IOW, getting a job at Puppy Killing Party HQ is OK as long as my salary is high enough ;-).
  Look, you're not being paid for the precise value of your work to PKP (or at any non-cooperative firm, but that's another discussion). You're being given a token sum to encourage you to work more and to make them look good. No amount paid out will be sufficient to do them significant damage if used against them. If the beginnings of damage were apparent, they'd stop paying out to anyone, or add a clause stating that money would not be paid out to those who drag them into disrepute.
  It's possible that you are the only completely incorruptible person in the world, aiming to channel the income only to causes which counter PKP and not letting the prospect of personal income influence you. It's further possible that you aim correctly, carefully noting such dangers as two sides of the same coin (the ostensible diametric opposition to any cause is often as bad as the original cause) and avoiding donations which can be used as PR in PKP's favour.
  But to PKP you're just another productive employee.
No Money by helix2301 · 2010-08-06 03:01 · Score: 1

The true geek will not take the money. They respect open source and want to help the open source community. Plus it's fun to find holes in software. No to mention firefox is such a great browser why not try and make it better.

--
http://www.thetechnologygeek.org
1. Re:No Money by WhitePanther5000 · 2010-08-06 03:41 · Score: 1
  
  That's all well and good, but don't generalize. Bug fixers gotta eat too, ya know.
2. Re:No Money by Anonymous Coward · 2010-08-06 05:25 · Score: 0
  
  The true geek will not take the money.
  Unlike the true Scotsman, who will borrow the money.
What Nobel people... by Itninja · 2010-08-06 03:02 · Score: 0, Flamebait

I have heard that the Nobel prize people will call and ask someone if they would accept the prize if it were offered them. If they say yes, then it's "Great! You have been offered a Noble Prize in %category%!". But if the potential winner indicates they are not really interested in material prizes, they just never offer the prize at all. That way they can say no one has ever turned down a Nobel.

I wonder if the Firefox people do the same thing in reverse. They would call the potential bounty winners (maybe just those in $1000+ range) and say something like "Hi there. This security bug you found might be worth a decent size bounty. If we offered it to you, would you actually take our money or or do something noble and selfless like allowing us to donate it? ". If the winner says they would probably just donate it, then it's all "Super! We will donate it! You're the best". If they take the money then it's "No problem. We offer you $50 for this.".

Of course I seriously doubt this happens at all. But it's fun to start vicious rumors about non-profits >:)

--
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
Something more desired than cash. by shadowrat · 2010-08-06 03:09 · Score: 5, Funny

These guys are probably finding bugs in Mozilla to get laid. I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots, basketball players, and CIA agents at the bar when I tell them about a DOM parsing error i discovered!

To seal the deal i tell them i didn't want the money as i'm already super rich. Tomorrow i leave for africa to help impoverished children install Ubuntu.
1. Re:Something more desired than cash. by Maarx · 2010-08-06 04:58 · Score: 1
  
  These guys are probably finding bugs in Mozilla to get laid. I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots, basketball players, and CIA agents at the bar when I tell them about a DOM parsing error i discovered!
  To seal the deal i tell them i didn't want the money as i'm already super rich. Tomorrow i leave for africa to help impoverished children install Ubuntu.
  From Ubuntu (philosophy)
  
  Ubuntu is an ethic or humanist philosophy focusing on people's allegiances and relations with each other. The word has its origin in the Bantu languages of southern Africa. Ubuntu is seen as a classical African concept. The Ubuntu operating system was named for this principle.
2. Re:Something more desired than cash. by Monkeedude1212 · 2010-08-06 05:07 · Score: 1
  
  Oh man, and I thought MY post was clever.
  This made my day.
3. Re:Something more desired than cash. by Anonymous Coward · 2010-08-06 05:52 · Score: 0
  
  I know my wingmen and i have used that line to great success many times. You wouldn't believe how fast the ladies forget the fighter pilots
  My wingmen are fighter pilots, you insensitive clod!
Percentage at work? by GoJays · 2010-08-06 03:15 · Score: 1

What percentage of the individuals who find a bug are currently on work time? If 10% of found bugs are on work time then they may not be able to accept cash from another company while being paid by their current employer. Discovering a bug on work time just means you are doing your job.
They turn down the money because... by Anonymous Coward · 2010-08-06 03:20 · Score: 0

...having not to use IE is priceless.
Some even find bugs and donate money to mozilla to keep preventing them from having to use IE.
That's why I'm not a geek. by Anonymous Coward · 2010-08-06 03:28 · Score: -1, Troll

I'm a Systems Administrator.
You offer me money, I'm taking it.
You offer me enough money, maybe I don't delete the porn that you stashed on the network storage.
(What? I learned from the best. All glory to the Bastard.)
One good reason to refuse cash... by Anonymous Coward · 2010-08-06 04:52 · Score: 0

... is because you'll have to pay more taxes and you don't want more money being used to kill Afghan civilians.
(That is if you live in a crappy country like the US).
I'd take an official "I found a bug T-shirt" by Anonymous Coward · 2010-08-06 05:00 · Score: 0

How about a T-shirt that says "I found a Mozilla security bug" T-shirt that includes a GPG-signed copy of your name and the message from the Mozilla foundation.
Costs $10 for the Mozilla foundation, and is worth way more in bragging rights than a couple of hundred/thousand bucks.
Just sayin'
Always take the cash! by Anonymous Coward · 2010-08-06 05:30 · Score: 0

Dumb. Take the cash, donate it back, deduct it from your taxes.
In other news by Zepalesque · 2010-08-06 07:00 · Score: 3, Insightful

Almost 90% of Mozilla Bug Finders Accept Cash Reward!
Microsost wont pay.... by Methuselus · 2010-08-06 07:09 · Score: 1

because they'd go broke
No money, please. by PPH · 2010-08-06 08:33 · Score: 1

I'll take uncut diamonds or bearer bonds.

--
Have gnu, will travel.
This is capitalism! by Anonymous Coward · 2010-08-06 12:57 · Score: 0

And Microsoft is a capitalist company!
They would never pay for bugs or patches or whatever.
They are leaders in a fierce competition field; they're the ones who get to charge for bugs, not the other way around!
Zealots! (8-[