Apple Pays Just $1,000 for Critical Safari Bug Despite Severity Score of 9.8
Apple Pays Just $1,000 for Critical Safari Bug Despite Severity Score of 9.8
Seems like a much more lucrative idea to sell it to the highest bidder then
It always was.
People defend apple wwayyyy too much. They're worse than Google, which is saying something. Google doesn't pretend that your data security is their only concern and then barely do things differently to actually protect you
Nah, they just hoover it up, use all of your data to train ai, and shut down services they bought that you enjoy so that you can have room on your device for their 18th chat application. Definitely better... Or some nuclear grade whataboutism and we can just admit they both suck in different ways. I know the bed fellow I'd pick, and it ain't the G man that's been burning my ass with product shutdowns, forced ads, and data vacuuming for the past 25 years.
Everyone removed about shutting things down but I can't remember ever caring about one of those products and I suspect I'm far from alone because why would they shut down a popular product?
I pick Google one thousand times over. Wish I could avoid them but if my other viable choice are liars whose entire business model is preventing user choice and lying about caring about my privacy while proving otherwise, they can suck my ass.
You whine about ads but you choose a platform that forces you to use their one piece of absolute shit web browser that cannot be definition block any ads unless apple says you can. Like every fucking thing else on the phone, by default you can't do it until they deem it worthy of being allowed.
Because I use a Google phone, I almost never see an ad. The choice I have right now is barely different from 10 years ago but iOS has taken many years to get maybe 60% of the freedoms I've had the entire fucking time.
You can probably tell I'm pretty sick of people explaining away their garbage business model which I despise.
Apple should be ashamed of this nonsense.
To them [edit: Apple], Apple's customers' security is worth $1000 total.
Amazing :3
It’s not ethical but if this is the case I would absolutely sell it to a bad actor. I know it’s terrible to do this but I also have bills to pay and apple is worth like 3 trillion dollars. Ridiculous
Cause fck you that's why.
I'm explaining - their whole reputation as some steel monster doing things well is not due to some competencies or proper organization, it's due to it being illegal to show and check their failure.
In a proper (like 90s) environment their bugs would be known to every script kiddy out there, and everybody would discuss them and laugh at Apple. Various alternative solutions and modifications to their products would too be widely available.
They have correctly determined that appearance is more important for their power than actual security, - because customers don't form customer associations and other institutionalized ways of double-checking companies' bullshit, and without that even if you don't buy all that Apple says, you still take their discourse as given.
And maintaining their appearances is what law does, you'll get in jail for informing too many people of what they do.
But, as always, the actual criminals usually are informed.
It's the same with Google, MS and such.
In the computing world historically customer associations and such were not a thing (I mean, there existed such websites, but they were somewhat tied in feel and function to web directories and indie web news, so they mostly died out), and reputation in the wild was, because social media platforms were not a thing, and big media, while horizontal talk and gossip were.
Which is why making it illegal to spread factual information of their vulnerabilities and means to confirm it has effectively killed such feedback - reputation doesn't spread without confirmation.
So - customers unionize, because tech workers still think they're gonna be bosses in the new ancap world, and thus don't. I'm ancap since the time when that was more hated than neo-Nazis, and I've chosen that ideology consciously when I actually could think rationally about political and social ideologies, and they are not building anything of the kind.
For the post subject itself - they don't care if it ends up on the dark web. They don't lose anything significant.
Does one have to join some apple developers system and pay some annual developer's fee in order to get the 1000 bounty ?
Generally no, but submitting a bug bounty is very much a nontrivial amount of work in documentation alone.
So any future zero-days discovered will now sell on the dark web, you did this to yourself, Apple.
A "no touch" iOS exploit goes for 7 figs if proven and sold to a group looking.