Why is a bug hunter tired of Apple?

The second part "The reason why security researchers have decided to publish the" IOS "vulnerabilities" announcement of anger "" is Dennis Tokarev, a security researcher who is dissatisfied with Apple's attitude toward vulnerability.Known) explained the zero day (patched unpaid) vulnerabilities of "iOS".

This is not the first time to have a "conflict" between a bug hunter (a security researcher who searches for vulnerabilities and reports through a bug reward program such as companies) and Apple.As Mr. Tokarev pointed out in his blog entry (posted), Bug Hunter delayed Apple's vulnerability correction or modified vulnerabilities after receiving reports submitted to the Apple Security Bounty.I was dissatisfied with measures such as information disclosure.Apple Security Bounty is Apple's bug bugs and vulnerability report programs.

"These problems have existed for a long time," said Patrick Wordle, founder of Apple Product Security Tool Vendor Objective-See, a prominent security researcher for Apple products.Security researchers are tired of Apple Security Bounty and gave up, and are free to pay for bugs online."This tells a lot," said Wadol.

In the past, Wordle has many times in the past, "Why did I have any information about the bugs I reported and my survey by Apple?"Apple, on the other hand, has always been dealing with security information and allocating the common vulnerability identifier (CVE: COMMON VULNERABILITIES AND EXPOSURES)."But for me, the process was annoying and irritated," he said."Looking at the exchange between Apple and the external security research community, I had to question Apple's commitment to security."

We will carefully select the latest technical explanations, products comparison in the focusing fields, and IT products introduction of IT products from overseas companies from abundant articles in TechnoRget in the United States.