Katie Moussouris (she/her/she-hulk/she-ra)🌻
@k8em0.bsky.social
Founder & CEO LutaSecurity @payequitynow MIT&Harvard visiting scholar, @MasonNatSec fellow, 1/2 Chamoru, 1/2 Greek all-American hacker
Reposted by Katie Moussouris (she/her/she-hulk/she-ra)🌻
That was me making it do that yes
November 4, 2025 at 6:07 PM
Not sure why that matters. Even if they are all real, which presumably coming from Google they are, the complaint was about volume of bugs taking time to prioritize, fix, & test with no patches provided to volunteer maintainers.
The discussion has been going for several days
x.com/k8em0/status...
Katie🌻Moussouris (she/her/she-ra/she-hulk) 🪷 on X: "Even with patches provided with bug reports, AI makes too much human work in prioritizing & testing. Commercial closed source faces similar bottlenecks & diminishing security returns. Vuln handling can’t keep up even if using AI validation. Security is being DoSed by AI right now" / X
November 4, 2025 at 4:49 PM
Right back at you, sis 🙌🏼💖
October 29, 2025 at 7:31 AM
You just need a ticketing system & way to pay people to do bug bounties. That can be relatively easy to execute separately.
It helps to have a mechanism to ensure you’re not paying sanctioned people, or into sanctioned countries, but the bug bounty platforms didn’t check for that at the beginning.
September 8, 2025 at 11:43 PM
For what the OP wants, I’m upvoting this:
bsky.app/profile/benj...
Though in general, it’s definitely time to rethink the bug bounty (and entire gig economy) space writ large, not just for open source. I’ll have more thoughts to share on this later…
Last one I heard of is bountyboard.dev. Not sure how active it is generally, but I think you can link issues to it, etc, as exposure of the bounties.
I know a couple more were out there but maybe died or did some sketchy rug pull junk.
bountyboard
Earn money with open source contributions by completing bounties
bountyboard.dev
September 8, 2025 at 6:59 PM