Understanding the Heterogeneity of Contributors in Bug Bounty Programs

Background: While bug bounty programs are not new in software development, an increasing number of companies, as well as open source projects, rely on external parties to perform the security assessment of their software for reward. However, there is relatively little empirical knowledge about the characteristics of bug bounty program contributors. Aim: This paper aims to understand those contributors by highlighting the heterogeneity among them. Method: We analyzed the histories of 82 bug bounty programs and 2,504 distinct bug bounty contributors, and conducted a quantitative and qualitative survey. Results: We found that there are project-specific and non-specific contributors who have different motivations for contributing to the products and organizations. Conclusions: Our findings provide insights to make bug bounty programs better and for further studies of new software development roles.Comment: 6 pages, ESEM 201

Aging, myopia and the pay-as-you-go public pension systems of the G7: a bright future?

The public pension systems of the G7 countries were established in an era when the number of contributors far outweighed the number of beneficiaries. Now, for each beneficiary there are fewer contributors, and this trend is projected to accelerate. To evaluate the prospects for these economies we develop an overlapping generations model where growth is endogenously fueled by investments in physical and human capital. We analyze individuals' behavior when their expectations over their length of life are rational or myopic and examine whether policies exist that can offset the effects of aging, should they be adverse. We find that while perfectly anticipated aging is welfare improving and does not threaten the solvency of public pension systems, myopia worsens welfare, puts pension systems at risk, and cannot be easily remedied by public policy.Social security