Nextcloud has joined a growing list of projects, including Curl, that have ended their bug‑bounty partnerships with HackerOne due to an unmanageable surge of low‑effort, AI‑generated security reports. I received the following email: Hi ph00lt0, Nextcloud is sending you a message about their program on HackerOne. Hello, We are writing to you because you have previously reported vulnerabilities to Nextcloud via HackerOne. Like many other software projects, we have been receiving an increasi...

Nextcloud has joined a growing list of projects, including Curl, that have ended their bug‑bounty partnerships with HackerOne due to an unmanageable surge of low‑effort, AI‑generated security reports. I received the fol…

  • timbuck2themoon@sh.itjust.worksEnglish
    19·
    13 hours ago

    What I don’t get is- these people are disingenuous or actually think theyre helping.

    Helping how? The owner of the repo can submit code to your bullshit machine the exact same way. What value are you producing?

    • SaharaMaleikuhm@feddit.orgEnglish
      9·
      10 hours ago

      The people doing this feel like it was their doing because they control the machine basically. This craving to produce something is strong in the ones who have no skills of their own. That’s why these PRs only ever come from absolutely incompetent buffoons.

    • darklamer@feddit.orgEnglish
      8·
      11 hours ago

      This remains a great mystery to me. As far as I can see, all they achieve is to waste time and resources for everyone involved, including themselves, without creating anything of value to anyone. It’s truly baffling.

      • SaharaMaleikuhm@feddit.orgEnglish
        4·
        10 hours ago

        It makes them feel good. Like they done something positive. It’s utterly pathetic and I despise these people with no skills, no ability to create anything of their own.