[CaptechPhD]

If your government set up a program where you could report report vulnerabilities through a portal and earn points that would lead to grants to get technical certifications or educational scholarships so you could go to college or university, would you participate?

Obviously, bug bounty programs that offer a lot of money couldn't compete with this sort of program. But there are so many organizations/companies that cannot afford to offer large bounties.

Do you think this program idea could work?

[GYATT]

If your government set up a program where you could report report vulnerabilities through a portal and earn points that would lead to grants to get technical certifications or educational scholarships so you could go to college or university, would you participate?

Obviously, bug bounty programs that offer a lot of money couldn't compete with this sort of program. But there are so many organizations/companies that cannot afford to offer large bounties.

Do you think this program idea could work?

I feel like if we are going to do this it should be simple vulnerabilities that any ordinary person can find and it should be easy to contact and easy to get your reward like instantly like real life side quests then I would possibly do it but do you think the government aren't gonna keep an eye on whoever is constantly submitting these in they will think they are some 0-day hacker its just how the government is there is NO real privacy now a days

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Threatening forum members

[CaptechPhD]

If your government set up a program where you could report report vulnerabilities through a portal and earn points that would lead to grants to get technical certifications or educational scholarships so you could go to college or university, would you participate?

Obviously, bug bounty programs that offer a lot of money couldn't compete with this sort of program. But there are so many organizations/companies that cannot afford to offer large bounties.

Do you think this program idea could work?

I feel like if we are going to do this it should be simple vulnerabilities that any ordinary person can find and it should be easy to contact and easy to get your reward like instantly like real life side quests then I would possibly do it but do you think the government aren't gonna keep an eye on whoever is constantly submitting these in they will think they are some 0-day hacker its just how the government is there is NO real privacy now a days

So the issue that you see with this idea is that people would be afraid to participate because they would fear that the government would take interest in them after they submitted vulnerabilities? For a program like this to work, people would need to be reassured/guaranteed that the data would only be used for the purpose of the program and not shared with any investigative body.

[GYATT]

If your government set up a program where you could report report vulnerabilities through a portal and earn points that would lead to grants to get technical certifications or educational scholarships so you could go to college or university, would you participate?

Obviously, bug bounty programs that offer a lot of money couldn't compete with this sort of program. But there are so many organizations/companies that cannot afford to offer large bounties.

Do you think this program idea could work?

I feel like if we are going to do this it should be simple vulnerabilities that any ordinary person can find and it should be easy to contact and easy to get your reward like instantly like real life side quests then I would possibly do it but do you think the government aren't gonna keep an eye on whoever is constantly submitting these in they will think they are some 0-day hacker its just how the government is there is NO real privacy now a days

So the issue that you see with this idea is that people would be afraid to participate because they would fear that the government would take interest in them after they submitted vulnerabilities? For a program like this to work, people would need to be reassured/guaranteed that the data would only be used for the purpose of the program and not shared with any investigative body.

Yes but I feel as the feds would never do that.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Threatening forum members

[DredgenSun]

I doubt the Govt. would give anything away for your efforts.

[CaptechPhD]

I doubt the Govt. would give anything away for your efforts.

Maybe not. But it doesn't hurt to include recommendations in research and try to affect positive change. Naive as it may be!

[ST_13]

Yeah it'll work but there's no need. Being able to prove the bounties you've solved in real world scenarios via bug bounty programs.. that kind of experience would be more valuable to an employer than a certificate.

[DredgenSun]

I doubt the Govt. would give anything away for your efforts.

Maybe not. But it doesn't hurt to include recommendations in research and try to affect positive change. Naive as it may be!

We can only hope that the Govt actually cares about it's citizens...

[CaptechPhD]

Yeah it'll work but there's no need. Being able to prove the bounties you've solved in real world scenarios via bug bounty programs.. that kind of experience would be more valuable to an employer than a certificate.

That is an interesting point. So if such a program was created, you think it would be useful to have a place where you could get some sort of government certified proof of your participation and the bugs you provided. This information could help you when looking for employment?

---

I doubt the Govt. would give anything away for your efforts.

Maybe not. But it doesn't hurt to include recommendations in research and try to affect positive change. Naive as it may be!

We can only hope that the Govt actually cares about it's citizens...

That would be ideal, wouldn't it?

[DredgenSun]

Yeah it'll work but there's no need. Being able to prove the bounties you've solved in real world scenarios via bug bounty programs.. that kind of experience would be more valuable to an employer than a certificate.

That is an interesting point. So if such a program was created, you think it would be useful to have a place where you could get some sort of government certified proof of your participation and the bugs you provided. This information could help you when looking for employment?

---

I doubt the Govt. would give anything away for your efforts.

Maybe not. But it doesn't hurt to include recommendations in research and try to affect positive change. Naive as it may be!

We can only hope that the Govt actually cares about it's citizens...

That would be ideal, wouldn't it?

Of course it would, but nobody enters Government for the benefit of all anymore...