Subject: Re: Bounty for Bugs in Open Source Projects?
From: Adam Turoff <ziggy@panix.com>
Date: Mon, 18 Apr 2005 21:34:00 -0400

On Mon, Apr 18, 2005 at 11:00:50PM +0100, Jamie Lokier wrote:
> I think the unspoken motivation behind these questions about bounty
> systems is usually that a lot of free software developers would love a
> means of being paid for the work they do for nothing in their free
> time at the moment - maybe even make a career out of it, if the money
> was available.

Quite true.

> But don't forget that _this_ thread was started by someone who has
> a little money, who wants to offer it to developers somehow.

If the goal is to throw money to improve (and give back to) an open
source project, the question we need to answer isn't "where's the
centralized bug bounty clearinghouse?" but rather "how do I support an
open source project Z with funds?"

I think the overall point is that "bug bounties generally haven't worked
in the past (for reasons X, Y and Z)".

The one counter-example that comes to mind is Blender.  That wasn't a
bug bounty per se, but a buyout of the source from the copyright holder.
That was a _very_ specific fundraising goal with near universal
acceptance from the user community; both points are important.

Answering the second question, there are a handful of large, mature 
open source projects that have established their own (US) non-profit
foundations to (a) provide a legal framework for the project and (b)
accept funds from donors to fund specific projects.  _That_ model has
had a decent amount of success, especially in the Perl and Python
communities (and probably elsewhere, but I'm not certain of any further
examples at the moment).

-- Adam