科技回声

6 条评论

Facebook: <a href="https://www.facebook.com/whitehat" rel="nofollow">https://www.facebook.com/whitehat</a>Amazon: <a href="https://aws.amazon.com/security/vulnerability-reporting/" rel="nofollow">https://aws.amazon.com/security/vulnerability-reporting/</a>Netflix: <a href="https://help.netflix.com/en/node/6657" rel="nofollow">https://help.netflix.com/en/node/6657</a>Google: <a href="https://www.google.com/about/appsecurity/programs-home/" rel="nofollow">https://www.google.com/about/appsecurity/programs-home/</a>Microsoft: <a href="https://www.microsoft.com/en-us/msrc/bounty" rel="nofollow">https://www.microsoft.com/en-us/msrc/bounty</a>More: <a href="https://www.ubuntupit.com/best-bug-bounty-programs-on-internet/" rel="nofollow">https://www.ubuntupit.com/best-bug-bounty-programs-on-intern...</a>

评论 #21841716 未加载

jc_811超过 5 年前

I see the biggest bounty is for &1,000,000USD and says:” Zero-click kernel code l execution with persistence and kernel PAC bypass”As someone who doesn’t speak this language, what does thismean? And are there examples in history of this type of exploit affecting a large company?

评论 #21841816 未加载

评论 #21841810 未加载

dsalzman超过 5 年前

Real $ amounts! This is how you beat the black market.

评论 #21842031 未加载

_bxg1超过 5 年前

Is this new? Is that why it's being posted?

评论 #21841728 未加载

评论 #21841698 未加载

pabs3超过 5 年前

I heard a rumor that Apple has never paid out any money in their invite-only bug bounty days. This 2018 article seems to suggest that is true. Does anyone have any data to the contrary?<a href="https://www.vice.com/en_us/article/7xqdxe/google-project-zero-hacker-iphone-bug-bounty" rel="nofollow">https://www.vice.com/en_us/article/7xqdxe/google-project-zer...</a>

zemnmez超过 5 年前

Critically, there's no information about whether reporters are allowed to disclose, which usually means that Apple is going to hide any seriously damaging vulnerabilities...

评论 #21841774 未加载

6 条评论

killjoywashere超过 5 年前

评论 #21841716 未加载

jc_811超过 5 年前

评论 #21841816 未加载

评论 #21841810 未加载

dsalzman超过 5 年前

Real $ amounts! This is how you beat the black market.

评论 #21842031 未加载

_bxg1超过 5 年前

Is this new? Is that why it's being posted?

评论 #21841728 未加载

评论 #21841698 未加载

pabs3超过 5 年前

zemnmez超过 5 年前

Critically, there's no information about whether reporters are allowed to disclose, which usually means that Apple is going to hide any seriously damaging vulnerabilities...

评论 #21841774 未加载

Apple Security Bounty

6 条评论

Apple Security Bounty

6 条评论