[ffsm8]

Eh, I think you're underestimating some people perseverance.

You generally only need multiple people for timely action, and it usually even slows you down (from the perspective of total hours spent)

Like 2k bug bounty? I guarantee you some people would be willing to spend a lot of time for that. But yeah, people which are gainfully employed and have a decent salary - likely not.

[layer8]

People will have fun spending their free time on such projects. But it’s virtually impossible to turn it into “an actual thriving business model” that people can make a living on.

[rjdj377dhabsn]

Why not? In much of the world, working on one of those a month would provide a comfortable living.

[layer8]

This $1900 bug bounty is quite an outlier, you generally won’t find one per month. An additional challenge is that it’s hard to predict how much work something will take, or whether there are any showstoppers. Also, if you don’t live in the same country as the client, it will be more difficult to get legal assurance that you’ll receive your money (or for the client that they won’t lose their money).

[csin]

You bought up a lot of points. And I think they are all negligible, compared to the gigantic elephant in the room.

Which is, in order for some rando to fix the bug; a company would need to give access to their codebase to some rando.

And they don't wanna do that.

[nightshift1]

lt could become some sort of leetcode final boss and/or something that you can put on your resume.