Hacker News new | ask | show | jobs
by umvi 2178 days ago
All this has taught me is that if I find an exploit to unlock <insert DRM'd device> I need to obfuscate the heck out of it to make it as onerous as possible for low-effort bug bounty do-gooders to scoop up a reward from it.
2 comments
snazz 2178 days ago
Project Zero researchers don’t take bounties, to my knowledge.
link
saagarjha 2178 days ago
Nor have they been ever offered one, to my knowledge: https://twitter.com/i41nbeer/status/1027339893335154688. I'm actually not sure Apple has ever paid a bounty for anything that wasn't a web issue…
link
jlgaddis 2177 days ago
If memory serves, they've been offered but the bounties are always been given to charity.

I'm guessing that's a policy/requirement of Project Zero as, presumably, the P0 folks are making "enough" already.

link
saagarjha 2178 days ago
I don't think anyone is getting a bug bounty, especially from this one.
link