Let's make sure Heartbleed doesn't happen again. | Crowdtilt.com

Crowdtilt is a new way to pool funds for group experiences, purchases, and causes! Learn more.

Let's make sure Heartbleed doesn't happen again.

with Bugcrowd
This campaign will expire at
  on  .
To date
$7,262
Expired
Tilts at [?] $15,384.62
Target at $100,000
Casey Ellis started the campaign
The Heartbleed vulnerability affected all of us, and the question that still remains is what other bugs still exist in OpenSSL that we don’t know about? This is your opportunity as an Internet citizen or business to be a part of funding a focussed crowdsourced security assessment to find the next Heartbleed.

The bigger the reward pool, the more attention this project will receive from the security research community.

With many eyes and the right incentive all bugs are shallow.

100% of the proceeds will be offered to security researchers. Any leftover funds will be passed on to the OpenSSL Software Foundation. Bugcrowd will administer the bounty at it's own expense.

We're looking for corporate sponsors to create a reward pool that attracts the necessary talent from the security research community. We're also opening this Crowdtilt up for *everyone*… Heartbleed affected everyone on the Internet, and we believe in giving everyone the opportunity to contribute.

Sponsors will be credited as Defenders of the Internet, and sponsors who commit over $5,000 will be specially mentioned and thanked.

Together let’s make the Internet a safer place.

An open letter available at https://blog.bugcrowd.com/crowdfunded-bounty-lets-make-sure-heartbleed-doesnt-happen-again
read full description
The campaign has ended but the conversation hasn’t! Post a comment below.
Success! Your comment has been posted and will be displayed shortly.

Campaign Description:

The Heartbleed vulnerability affected all of us, and the question that still remains is what other bugs still exist in OpenSSL that we don’t know about? This is your opportunity as an Internet citizen or business to be a part of funding a focussed crowdsourced security assessment to find the next Heartbleed.

The bigger the reward pool, the more attention this project will receive from the security research community.

With many eyes and the right incentive all bugs are shallow.

100% of the proceeds will be offered to security researchers. Any leftover funds will be passed on to the OpenSSL Software Foundation. Bugcrowd will administer the bounty at it's own expense.

We're looking for corporate sponsors to create a reward pool that attracts the necessary talent from the security research community. We're also opening this Crowdtilt up for *everyone*… Heartbleed affected everyone on the Internet, and we believe in giving everyone the opportunity to contribute.

Sponsors will be credited as Defenders of the Internet, and sponsors who commit over $5,000 will be specially mentioned and thanked.

Together let’s make the Internet a safer place.

An open letter available at https://blog.bugcrowd.com/crowdfunded-bounty-lets-make-sure-heartbleed-doesnt-happen-again
 
LATEST

 
We thought we'd give credit where credit is due to those who've worked on this type of security crowdfunding project before, and have been stirring the conversation around getting the OpenSSL codebase under proper public scrutiny:

@matthew_d_green, @Erratarob, @nickdepetrillo and @thegrugq.

You guys are, at the very least, in some way to blame for the seed of this idea, and we tip our hat to you.
Are you sure?
Are you sure?
Close
Close