Hacker News new | past | comments | ask | show | jobs | submit login

It's pretty undeniable that there exists a significant cohort of folks whose sole reason for getting into security is to find vulnerabilities to collect bounties. Beg bounties are that taken to an extreme.

> But if not, the reasonable response is to stop doing security research for free for Apple, not doing research with a goal of using it immorally due to a kneejerk reaction.

I'm sure lots of people will! But that won't necessarily stop folks from saying "I've discovered a vulnerability that would yield me an amount of money that would substantially improve my near-to-medium-term quality of life" and doing what's necessary to profit from that. Apple's program _necessarily_ inflates the amount of money a vulnerability sells for through immoral channels regardless of whether anyone is participating in it.

> If Apple stops their bug bounty program today this is still not a justification to look for vulnerabilities in their products and sell them on the black market.

This might be true for you, but that doesn't mean it's true for even a majority of other people.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: