|
|
|
|
|
|
by ac29
3153 days ago
|
|
|
Exploring the acknowledgements [0] shows many of these Chinese researchers are working for the big internet firms there (Alibaba, Tencent, Baidu), so my guess is they are more motivated in securing Android for internal use than collecting bounties (its entirely possible they run their own AOSP-based Android builds for employee-provided hardware). Being China, its also possible that the Chinese government indirectly or directly sponsors this research, since Android is by far the most common smartphone OS there. edit: C0RE Team [1], who also has many contributions seems to be an independent research company, who may be doing it just for the bounties. [0] https://source.android.com/security/overview/acknowledgement... [1] http://c0reteam.org/about.html |
|
|
If there's a discrepancy, then that's possible evidence one group might be hoarding bugs, or at least waiting for notification approval from, e.g., a domestic intelligence agency.