by colinbartlett 4574 days ago
There should be some neutral third party non-profit that adjudicates bug bounties so that security researchers don't need to worry that their efforts will go to waste.

Companies could sign on to using this third party and pay a fee and put up escrow for the service. This would motivate researchers to find bugs for those companies that utilize the service, knowing payment will be impartial.

4 comments

I agree, see Synack [1] (marketplace for bug bounties, with the bugs and rewards vetted by Synack). I think it's a huge opportunity.

[1] http://www.synack.com/

A simple option is CrowdCurity - reward programs as a service. Private or public, dollars or bitcoin payments - everything set up and managed for the companies.

https://www.crowdcurity.com/

Disclosure: I'm co-founder of CrowdCurity

Fine, fine, I'll play nice...

P.S.: The idea is pretty cool. So is the implementation =) Though how would you guys have handled it if an issue like this occurred on your platform? A submitter submits a bug but the company refuses to pay for it, citing "out of scope"?

You know, you are just harming yourself this way. If you must show your stuff on HN, why not post it as a Show HN? Why do this dishonorable thing to gain attention? IMO it actually harms you.

A downvote? :O But why? I thought we were unanimously against plugs?

You didn't get the memo? There's no such thing as a single we anymore.

That could be done with Bitcoin contracts, too.

Bitcoin is much easier (and faster) to acquire than to liquidate. I'd rather be paid in cash.

You can liquidate bitcoin in about 5 minutes using Coinbase.

Took me a week to get my bitcoin.

Are we talking cash to bitcoin or bitcoin to cash? I haven't done cash to Bitcoin but the bitcoin to bank deposit was done instantly.

Do it!