Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Google Researchers Say Hackers Exploited Two Zero-Day Vulnerabilities Patched in Apple's iOS 12.1.4 Update

H3LL5P4WN said:
These jerks really need to start turning their bugs in to either Apple or Saurik instead of el Goog.
Click to expand...
Then Apple needs to make it worth their while. While there is an ethical component to not using the detected vulnerabilities, if Apple doesn't have enough staff to comb through bugs and are too cheap to hire more people, then they should more handsomely reward bug hunters. At the same time, I wonder whether this might have a reverse effect where an Apple employee might tactically insert a vulnerability. In this way, they could sell knowledge of the vulnerability to the highest bidder who then reports this to Apple via the official bounty program...
 
nitramwin said:
Then Apple needs to make it worth their while. While there is an ethical component to not using the detected vulnerabilities, if Apple doesn't have enough staff to comb through bugs and are too cheap to hire more people, then they should more handsomely reward bug hunters. At the same time, I wonder whether this might have a reverse effect where an Apple employee might tactically insert a vulnerability. In this way, they could sell knowledge of the vulnerability to the highest bidder who then reports this to Apple via the official bounty program...
Click to expand...

Or people could just not be greedy. That's a thing, too.
 
69Mustang said:
I don't agree. Project Zero is good at what they do because it's all they do - search for zero day exploits in all OSes. That's not implication against Apple's software team QA. There hasn't ever, isn't now, nor will there ever be perfect software.

To say the FT bug should have been easily found suggests a naivete regarding software development. I agree Apple has deficiencies. So does every company. But to say Apple having a bug in it's software is an indicator of anything greater is kinda silly. There are far better examples of problems at Apple than software having a bug. Software is always going to have bugs.
Click to expand...


That is a weird line “it’s all they do “
Are you saying Apple DONT have a software QA team ? Then surely Apple QA team is severely lacking ....

I mean the very fact that they are now paying “hackers” to search for vulnerabilities , I would understand if it was that difficulty.

But for a FaceTime bug this simple to be missed? Perplexing ...

So many bug coming from Apple software in iOS and Mac OS.....
What happened to hair force one ?
 
zulkiflim said:
That is a weird line “it’s all they do “
Click to expand...
It's only weird if you ignore the rest of the sentence which contains the context. Searching for zero day exploits is all they do. It's even in the team name.;)
zulkiflim said:
Are you saying Apple DONT have a software QA team ? Then surely Apple QA team is severely lacking ....
Click to expand...
No one is saying Apple doesn't have a software QA team. Their team covers the entire gambit of issues. Not just zero days.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back