Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
Judge Adams issued a statement asserting that his daughter released the tape to retaliate against him for withdrawing his financial support.
Oh, so he abuses his children and then also doesn't support them financially, sounds like a real winner!
Your observation, that a bug hunt will reveal lots of inconsequential bugs, but the few significant ones make it worthwhile -- well, that's entirely the expected result, surely?
Well, I could make some argument about whether it's generally worthwhile even for a few significant bugs... if they are significant, it's likely they would be found and reported in short order regardless of a bounty. And especially if there's a backlog of bugs, I'd say those should take priority over finding new bugs that haven't actually bothered anyone yet.
The security aspect is different though, because those are bugs that have a motivation to go unreported. And there's the 'papercut' type, where small annoyances go unreported. I'd consider it an good question whether bounties are more effective than simply paying an expert (or several) the same amount up-front to comb through things. The old crowd-source vs. out-source argument I guess.
What does $1265 of bugs look like
Looks like this wasn't a slashdot article, maybe it should be
I think the point he's getting at is that a lot of the bugs are not the ones that would trouble users (i.e. they only appear "in the lab"). So although it's still good to fix them, they are low priority.
The farming analogy is bad because it implies people are creating these bugs just to turn them in, which as everyone is pointing out, doesn't make sense and would reflect poorly on the buggy developer, so it would be self-limiting. Instead, I propose he should have said "imported" rats instead of "farmed" rats: instead of killing the rats in the city (the "high priority" ones), people are going out into the country and killing rats that weren't really bothering anyone. Eventually they or their descendants might make it to the city and cause a problem, so we're certainly not sad to see them go (environmental concerns breaking the analogy here
I could have sworn there was an article/blog post a little while back with statistics from a bug bounty program where most of the bugs were relatively trivial (found by automated methods, style consistency, etc.) or else quite obscure, with only a couple 'interesting' ones. But all I can find is this slashdot article, which I don't think is the one I'm thinking of. But I remember the author's summary was also that he still appreciated the peace-of-mind that others had looked through his code and that was all they had come up with, so still a net positive.
However building the tallest phallic symbol just requires throwing money at immigrant workers, and in the long run will accomplish nothing much except an impressive symbol of wasted wealth. But it leaves more playtime for the rulers, and a clear sense of accomplishment ("look at that!")... as opposed to actually empowering their people, which would probably be counter-productive to the rulers anyway, diluting their grip on the region.