On HN the Apple-related headlines that make it to the top are 80-90% how glorious Apple's closed source platform is and 10-20% how awful apple's dictatorship of their own app store is. I don't think it's true that we should not post critical articles just because Apple already "gets enough" by some standard.
Oh I don't. I expect Apple to hold their bug reporters to those standards, though, so it's interesting to see that they are giving a "bounty" to this "irresponsible disclosure".
How was the disclosure irresponsible? AIUI, multiple attempts were made to report the bug. It went viral a couple of days later on social media. I'm not aware of a link between those two events.
Huh? Group calls were not a new feature, and the teen's mother made several attempts to disclose it privately to Apple, including registering for a developer account and submitting a bug from there. I'm pretty sure that's as close as "responsible disclosure" as you can get.
What? As far as I understand, with his mom, he attempted to report it to the product-security email Apple tells you to do, they were brushed off and told to file radars, which they then did. And nothing happened. So, yes, he reported it responsibly and was ignored... traditionally, that's when security researchers say you move to reporting it via more public means...
Certainly Apple has deserved that scrutiny, but I was also waiting to see whether they'd do the right thing here.