It's pretty good to get that perspective. Anecdotally, as part of my job for a big company I've had to monitor the security report inbox; the number of reports we received featured a...
It's pretty good to get that perspective. Anecdotally, as part of my job for a big company I've had to monitor the security report inbox; the number of reports we received featured a disproportionate amount coming from Indian security researchers but I always thought that was a product of the high population of India, the fact that a decent part of the population can communicate in English and (from an outsiders' perspective) it seemed like there's a lot of focus on IT as a career path.
It was also interesting that a few times we would get similar low effort reports (Just running a tool and sending the results without confirming) coming around the same time and I always suspected it was related to someone posting a new instructional Youtube video like the ones mentioned in the post.
Related discussion: https://tildes.net/~comp/s9h/digitaloceans_hacktoberfest_hurts_open_source_maintainers_by_incentivizing_low_quality_unsolicited
It's pretty good to get that perspective. Anecdotally, as part of my job for a big company I've had to monitor the security report inbox; the number of reports we received featured a disproportionate amount coming from Indian security researchers but I always thought that was a product of the high population of India, the fact that a decent part of the population can communicate in English and (from an outsiders' perspective) it seemed like there's a lot of focus on IT as a career path.
It was also interesting that a few times we would get similar low effort reports (Just running a tool and sending the results without confirming) coming around the same time and I always suspected it was related to someone posting a new instructional Youtube video like the ones mentioned in the post.