by throwaway38475 1002 days ago
They all do that. I've been in Offensive Security for 10+ years with several spent at FAANGs, and not only do they all have large security teams doing internal testing, they hire multiple contractors like Trail of Bits to audit every important service continuously throughout the year.

Apple has way more than 10 full time researchers looking at iOS all day, trust me :). They also have a really generous bug bounty. There are always bugs though.

> Apple has way more than 10 full time researchers looking at iOS all day.

Yes

> They also have a really generous bug bounty.

Hell no

Agree. Not long ago, Apple used to sue people reporting vulnerabilities to them. Imagine punishing people doing free work for you. Not a good look.
Getting punished is the default.

If you come across anything, keep your mouth shut.

Not only is it not generous (relatively speaking), but actually getting paid can be extremely annoying.

Used to be even worse.