Do we have the numbers on what percentage of disclosed bugs are from Eastern Europe/"poor" countries? My guess is that gray-hat researchers take into consideration their likelihood of being caught when considering the bounty.
It would be interesting to know the percentage of people from less-developed countries who choose to claim bounties rather than exploit the bug vs. that of people in more-developed countries. I think you would probably find that fewer bug bounties are claimed by researchers in countries with less computer crime enforcement. I think you would also find that raising the payout for bug bounties would affect that likelihood.
It would be interesting to know the percentage of people from less-developed countries who choose to claim bounties rather than exploit the bug vs. that of people in more-developed countries. I think you would probably find that fewer bug bounties are claimed by researchers in countries with less computer crime enforcement. I think you would also find that raising the payout for bug bounties would affect that likelihood.
Great thesis project for someone to work on.