by gingabriska 2523 days ago
But I wonder what if a developer purposely plants a bug then asks his friend to report it and split the bounty. It seems it's easy to take advantage of such programs internally?
2 comments

It's a little less malicious than backdooring it, which has a pretty strong precedent already. Also code review "should" catch it.
The repository would show who wrote the bug in the first place, and it would have to pass code review. One would have to wait for the developer to leave the company before activating this scenario.
Developers write bugs all the time, it's hard to know if they purposely wrote one or it just got slipped in due to tight schedule.