
This is the real reason, not anything internal/culture related.

A good iOS 0-day is worth hundreds of millions of dollars in contracts with shady governments. Apple can't compete with that multiple times a year.



This doesn't compute: is the claim Apple badly manages its bug-bounty because 0-days are too valuable? If that's the case, I'd expect the opposite effect: Apple would recognize how valuable the reports being sent to them by white-hats are, and would react with a sense of urgency and gratitude. As it is, Apple is behaving as if 0-days are worth very little, and not a big priority.


According to Zerodium, iOS exploits are cheaper than Android exploits because they are so plentiful in comparison.



