by curiousgal 2178 days ago
TL;DR: reverse engineer a jailbreak exploit.

> By 7 PM, I had identified the vulnerability and informed Apple

I don't know why this rubbed me the wrong way. Like, it feels "lazy" (for lack of a better way) to disassemble an exploit and run off to tell the vendor. If anything, the exploit writer should get the credit. I don't know.

6 comments

> If anything, the exploit writer should get the credit.

They did: https://support.apple.com/en-us/HT211214

But they didn't report it, did they? Playing devil's advocate a bit here, but they could have reported it for a bug bounty but they instead chose to use it to create a jailbreak.
Maybe reworded, the value accrues to the explainer of the issue to the code writer. Therefore, this dude did something valuable. Ecosystem works. Perhaps.
They did, the article points out that this was caused by a regression. Fixing a memory leak made it such that it re-enabled an old bug.
The exploit was public, but obfuscated to make it harder for bad actors to make use of. Apple likely didn't need help to identify the vulnerability, but I'm sure they welcomed it.
To me, seems like informant territory.
All this has taught me is that if I find an exploit to unlock <insert DRM'd device> I need to obfuscate the heck out of it to make it as onerous as possible for low-effort bug bounty do-gooders to scoop up a reward from it.
Project Zero researchers don’t take bounties, to my knowledge.
Nor have they been ever offered one, to my knowledge: https://twitter.com/i41nbeer/status/1027339893335154688. I'm actually not sure Apple has ever paid a bounty for anything that wasn't a web issue…
If memory serves, they've been offered but the bounties have always been given to charity.

I'm guessing that's a policy/requirement of Project Zero as, presumably, the P0 folks are making "enough" already.

I don't think anyone is getting a bug bounty, especially from this one.