Pikagi
Popular Tweets
About
Privacy Policy
Removal Request
Ryan Naraine
@ryanaraine
8 years
$1.5 million price tag on iOS zero-day. Bug bounties can never compete
12
148
110
Download
Replies
Simon Hamp
@simonhamp
8 years
@ryanaraine
@codinghorror
but to be clear, you don't NEED high value bug bounties to find security holes
#justsayin
0
0
0
henrik ingo β€οΈπΊπ¦ β€οΈ
@h_ingo
8 years
@ryanaraine
Same bugs can be found by good hackers, who choose the bounty. In any case, they push the black market price up.
0
0
2
Chris Scollo
@spycho
8 years
.
@ryanaraine
Is there anything to stop someone from both selling the exploit AND claiming the bounty?
1
0
1
GoodNPlenty333
@GoodNPlenty333
8 years
@ryanaraine
@csoghoian
How are these paid for? Bitcoin?
0
0
1
jefe001
@jefe001
8 years
@ryanaraine
They can never compete, but they can provide enough to nudge fence-sitters to do the right thing w/ their zero-day bugs.
0
0
0
Bryan Bortz
@OwlBoy
8 years
@ryanaraine
@siracusa
We are in the realm of morality and greed.
0
0
0
Bart
@bartzumbari
8 years
@ryanaraine
@siracusa
article I read says the bounties are easier to get. Presumably because you're selling to an expert client (Apple)
0
0
0
TheMasterDS π
@TheMasterDS
8 years
@ryanaraine
@siracusa
how is that not illegal
1
0
0
@
[email protected]
@zofrex
8 years
@ryanaraine
pretty ill-informed thing to say. big difference between bug bounties and selling vulnerabilities, not directly comparable.
0
0
0
Laurent Giroud
@laurentgiroud
8 years
@ryanaraine
@siracusa
of course they can. Apple has hundred of billions in cash at hand. It is simply not their priority to compete.
0
0
0