Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Apple doesn't pay bounties for this sort of report, even if direct to their team. They have a private bounty program, for a select few.


That this would be the prevailing understanding is exactly why a bug like this would live in the wild at all. There are plenty of other orgs out there who would have paid big money for this.


Source? I've heard of iPhone vulnerabilities getting high six figures from Apple (for root access via sms). Why wouldn't Apple pay for something like this?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: