undefined | Better HN

0 pointsradford-neal7y ago0 comments

If pressing enter a lot is such a trivial way of activating a bug, why wasn't it already found by Apple?

I would hope that Apple employs dozens of people at $100K or more a year to find bugs in macOS. Why wouldn't they pay comparable amounts to incentivize others to find bugs?

Failure to do so is a significant indication of their priorities.

0 comments

dogma11387y ago

I didn’t said they shouldn’t pay estimating the effort for finding a vuln is a silly practice, however if it was trivial to find and essentially being stumbled upon you can’t say they must pay for your effort because there was no real effort involved.

And I would bet that Apple pays its security engineers well above 100K.

j / k navigate · click thread line to collapse

0 pointsradford-neal7y ago0 comments

If pressing enter a lot is such a trivial way of activating a bug, why wasn't it already found by Apple?

I would hope that Apple employs dozens of people at $100K or more a year to find bugs in macOS. Why wouldn't they pay comparable amounts to incentivize others to find bugs?

Failure to do so is a significant indication of their priorities.

0 comments

dogma11387y ago

And I would bet that Apple pays its security engineers well above 100K.

j / k navigate · click thread line to collapse