Why it pays to find bugs...
It seems good work has paid for Michael Krax. The Mozilla foundation has awarded him $2,500 —he'd have preferred 2,500 euros— for 5 security bugs (fixed in Firefox 1.0.2; have you upgraded yours?). Says Chris Hofmann:
"We developed the bug bounty program to encourage and award community members who identify unknown bugs in the software. This program is one of the many ways the Mozilla Foundation produces safe and secure software for its users."The Mozilla Security Bug Bounty Program is designed to encourage security research in Mozilla software and to reward those who help us create the safest Internet clients in existence. Reporters of valid critical security bugs will receive a $500 (US) cash reward and a Mozilla T-shirt.
The Bug Bounty program was founded in 2004 with funding from Linspire and Mark Shuttleworth. Since its inception the Mozilla Foundation has awarded bug bounties to five participants. The previous winners were awarded on Sep 14, 2004: Marcel Boesch, Gael Delalleau, Georgi Guninski, and Mats Palmgren.