Ha ha. That's a common joke about the security industry. There is some truth to it.

What's great with bug bounty programs is that customers pay for results. You pay for valid and useful vulnerability reports. You don't pay for reports that are not useful. For hackers to make money (and the best ones make a lot of money), they must produce useful and relevant vulnerability reports.

That's a HUGE difference compared to traditional security products and services and it explains why bug bounty programs are becoming so popular. They are much more effective than any other method of finding vulns in live software.

Yep, 70,000 is a lot! The number keeps growing, and we hope to get to a million. To serve all companies and government organizations worldwide who will be needing bug bounty programs, we need a lot of excellent hackers.

It should also be noted that it takes a lot of hacking to find even a simple vulnerability. Of the 70,000 hacker accounts we have, about 1 in 6 have filed an actual vulnerability report. To help them get going, we have an ebook on hacking that we give to new hackers. Once new hackers get the hang of bug hunting they can advance fast, earning more and more reputation points. When you sign up at HackerOne, you start at 100 points. Our most prolific hackers have reached 10,000 points. You can do it, too!

Yep this is true. It is also a common situation that humanity has dealt with successfully many times. To keep a ship afloat, you must find and fix every hole. Even one hole might sink it. To keep an aircraft safely flying, similarly every safety aspect must be in shape. Shipping and airlines have great safety track record these days.

To keep software secure, you must attempt to fix all serious vulnerabilities. You may never get to 100% vuln-free software, but the closer you get and the faster you can asymptotically move towards that goal, the more you reduce your cybersecurity risk.

Ooops sorry slashdotters - three zeros missing. Above it should say "HackerOne has already paid out over $10,000,000 to hackers".

:-)

Sometimes we need to repeat old insights to make sure that the broader society is aware.

It has taken decades for the industry to get used to bug bounties. The first one was in 1981. Now it is starting to be very real. HackerOne has already paid out over $10,000 to hackers and researchers around the world. One hacker has made over half a million dollars. Another recently bought an apartment for his mother with the bounty money he had made. Still lots of work and education to do, but it is very much moving in the right direction. An example: the US DoD now committing $7m to vulnerability disclosure programs.

- Marten (HackerOne CEO)

What about the multi-monitor issue that plagues Skylake? Is Kaby Lake support better? See: http://www.phoronix.com/scan.p...

This winter, in the Laurentians, 150 km up north of Montréal, -29C in the evening/night was common. And there is a lot of people enjoying the winter sports in Laurentian, lots of people moving around between hotels and restaurants at these temperatures.

Linux is hard to configure, well sometime yes, other no. Sharing a drive is a click away. LibreOffice has become good enough; seriously, you should try it on Windows. NVidia proprietary video driver is pretty much on par with Windows. Games, well it depends if you play them or not. Many do not care; thus the reason why they departed from Windows to tablets.

If you want solid reason for disliking Linux, read my take on it at My disastrous experience with Ubuntu 14.04 LTS Trusty Thar.

Despite, I still love Linux and am a hard core fan. The reasons can be found here.

Yep, bad PDF XFA forms support.

Sorry, but with Linux, you must be very careful of the DESKTOP device you buy. Many do not have the proper driver. Windows may not work out of the box with the device, but the device drivers are readily available. For one, as far as I know, there exist no game wheel which force feedback works completely on Linux. Many specialized game mouse do not work well. Even the Steam Controller has some issue and require a proprietary driver (which I read; not lived). Some Wacom tablets do work, some don't.

Given my bad experience with Ubuntu, I would not consider it a "proper modern" OS. Still, I stick with it because I am a fan of Linux and FOSS. I just wish that the Linux desktop experience would be on par with Mac and Windows. These days, it is far behind.

>Do you believe rehabilitation is impossible or do you want revenge?

I don't believe that someone who commits mass murder can be rehabilitated, no. It isn't about revenge; it's about public safety.