Three iOS 0-days revealed by researcher annoyed with Apple’s bug bounty

Pseudonymous researcher illusionofchaos joins a growing legion of security researchers frustrated with Apple's slow response and inconsistent policy adherence when it comes to security flaws.

Enlarge / Pseudonymous researcher illusionofchaos joins a rising legion of safety researchers annoyed with Apple’s sluggish response and inconsistent coverage adherence relating to safety flaws. (credit score: Aurich Lawson | Getty Photos)

Yesterday, a safety researcher who goes by illusionofchaos dropped public discover of three zero-day vulnerabilities in Apple’s iOS cellular working system. The vulnerability disclosures are blended in with the researcher’s frustration with Apple’s Safety Bounty program, which illusionofchaos says selected to cowl up an earlier-reported bug with out giving them credit score.

This researcher is on no account the primary to publicly specific their frustration with Apple over its safety bounty program.

Good bug—now shhh

illusionofchaos says that they’ve reported 4 iOS safety vulnerabilities this 12 months—the three zero-days they publicly disclosed yesterday plus an earlier bug that they are saying Apple fastened in iOS 14.7. It seems that their frustration largely comes from how Apple dealt with that first, now-fixed bug in analyticsd.

Learn 15 remaining paragraphs | Feedback

Related Posts

Leave a Reply

Your email address will not be published.