| ▲ | user_7832 6 hours ago | |||||||
Honestly I think this is a great idea. My only suggestion is instead of being very nominal, it should be "reasonable" (so $10 and not $1). It's even possible to directly link this to maintainers/employees - if you can review 10 such AI/real things per hour (likely more if it's AI slop that's easy to detect), you're generating another revenue stream. Now, I have no idea if these guys are based in SF Bay or a 3rd world country with low COL but as an "add on", $100 an hour isn't too shabby (and can be on the "low end" if one's good at spotting AI crap.) Side note, isn't it possible to have some way to verify if the "vulns" are actual vulns or not? ...Heck why not throw an LLM at it, powered by a single $10 submission fee? | ||||||||
| ▲ | basilikum 4 hours ago | parent | next [-] | |||||||
If I had to desposit 10$ to report a vulnerability to a company that could get their entire production/business to halt, I'd publish the exploit. | ||||||||
| ▲ | sgerenser 4 hours ago | parent | prev | next [-] | |||||||
I believe the company is based in SF, but the developers are all over the world, so $100/hr is probably in the ballpark. Interestingly one of the senior developers is working from prison so his costs are probably a bit lower: https://news.ycombinator.com/item?id=44288937 | ||||||||
| ▲ | KronisLV 6 hours ago | parent | prev [-] | |||||||
Sounds like a startup idea to me! Admittedly, the friction and the fact that you have to pay would prevent a lot of legitimate people from participation which sucks. AI is really throwing a wrench in the economics of software development, isn’t it? | ||||||||
| ||||||||