Google Says No More Cash For Trash Web Bugs 88
Posted
by
Soulskill
from the try-offering-achievement-points-instead dept.
from the try-offering-achievement-points-instead dept.
Trailrunner7 writes "It's bound to happen: you create a cool, forward looking incentive program designed to tap the 'wisdom of the crowd' and help make your products better, only to find out that, in fact, the 'crowd' isn't all that wise — and now wants you to pay cold, hard cash for their tepid ideas. That's the experience that Google appears to have had since announcing that it would extend its bounty program for bugs from its Chromium platform to the various Web applications that the company owns. In an updated blog post this week, the company said it has already committed to some $20,000 in bounties, but also provided some 'clarification' to the terms of the reward program, saying that — in essence — not all bugs are equal and that researchers dumping low priority vulnerabilities shouldn't expect to get much in return. 'The review committee has been somewhat generous this first week,' wrote Google's Security Team in a blog post. 'We've granted a number of awards for bugs of low severity, or that wouldn't normally fall under the conditions we originally described.'"
Oh shut the f up . (Score:2, Interesting)
every one of those low priority bugs could be driving off a user or a customer at this point, had they not been fixed.
Re:Oh shut the f up . (Score:3, Interesting)
Had the same feeling. How serious are they about Chrome? The cost of this, even for small bugs, is a drop in the bucket. I'm guessing some manager just got sick of doing their job wondering why they have to pay out what should be a bonus for them to lowly internet people for common bugs.
Crowdsourcing is not about majority rule (Score:1, Interesting)
It looks like they are starting to get the idea that a lot of people who talk about "crowdsourcing" have yet to understand: quantity != quality. We know that in so many other places; so why do people fail to recognize this fact in crowdsourcing?
The best ideas are likely to be uncommon not common. If you're looking for something valuable, you don't want the thing that is most popular on first glance. You want the thing that can really win everyone over in the long run. That's the principle behind collaborative governance [metagovernment.org], which again, is horribly misunderstood as some sort of mob rule thing.
Even Slashdot knows better than to just give everyone a vote on everything. They have limited moderation, and then meta-moderation as a secondary check. And even that is rather primitive compared to the collaborative governance stuff.
Re:Not so much ideas.... (Score:3, Interesting)
My first thought is that people are reporting bugs that Google simply thought were too minor and did not want to devote resources. For example, intermittent bugs that can be solved with a page refresh are not likely going to cost customers, or cost Google very much, but could be very costly not only to diagnose, but to fix in such a way that everything else does not break.
Alternatively they may not wish to pay the small bounty on many minor issues in hopes of making it up with a small bounty on a major issue. If they are going to differentiate small and large issues, then they should differentiate with small and large payments, say 137 for minor bug and 133337 for a major bug. I would imagine that some researchers are funding their search for larger bugs with the payments on smaller bugs. I imagine that the search for larger bugs might slow if the payment disappear.