Subject: Bug Bounties. Making $ from bugzilla.
From: burton@openprivacy.org (Kevin A. Burton)
Date: 25 Nov 2001 01:59:14 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


OK.

Just thinking off the top of my head.  Has anyone talked about this before?  I
am sure I am not the first...

Alice needs a bug fixed in her favorite OSS project.  Alice and Bob don't know
each other but Bob knows a LOT about that project and could fix the bug in a few
minutes but he has other things that are more important....

Alice logs into the Bug Bounty system (theoretical name only of course) and
posts a $20 bounty into the system which holds it in escrow.

It turns out that a lot of other people agree so Carol puts in another $20.

Bob logs into the Bug Bounty system, sees the bounty, fixes the bug and uploads
the patch.

A 3rd party logs in to the system to approve the bounty (it is approved), Alice
and Carol get the patch integrated into the next version upgrade (in a few
weeks) and Bob gets the $40.00.

... of course the devil is in the details. :)

The 3rd party would have to be paid.  Maybe an agreed percentage.  If Bob has a
good reputation maybe he wouldn't need the 3rd party.

Thoughts?  Criticism?

I agree this is similar to SourceExchange, et al but there is one difference,
this is directly related around users and developers, not companies.

Kevin

- -- 
Kevin A. Burton ( burton@apache.org, burton@openprivacy.org, burtonator@acm.org )
             Location - San Francisco, CA, Cell - 415.595.9965
        Jabber - burtonator@jabber.org,  Web - http://relativity.yi.org/

Learn from other people's mistakes, you don't have time to make your own.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Get my public key at: http://relativity.yi.org/pgpkey.txt

iD8DBQE8AMDkAwM6xb2dfE0RAvaaAKCx/vfpuTuz8vrV2CFYmkXWYAk0BwCgs9MX
HRQWHr6fOadnAnH7EgCv8YI=
=sjRs
-----END PGP SIGNATURE-----