October 12th, 2020
Michael Kaminsky recently emailed me an interesting post he wrote about bounties in open source, and I took the opportunity to write up some thoughts that had been swirling in my head for a while. You can find the (lightly edited) response I sent to him below.
Bounties are great for well-scoped, low-context work. For example, bounties work can quite well for things like penetration testing, because it's fairly clear what the objective is (sp...