Craig HockenberryMay 14, 2024

A not fun fact: I didn't get a security bounty for a macOS release that was done specifically to address an issue I found.

https://mjtsai.com/blog/2024/05/14/no-bounty-for-kernel-vulnerability/

The rational was that I disclosed the issue publicly. Which I did after reporting it in the beta releases, and after they said “we're unable to identify an issue in your report”, AND AFTER THEY RELEASED THE FUCKING VULNERABILITY.

https://mastodon.social/@chockenberry/111580066311950281

I have no energy/desire to argue with Apple, but this ain't a good look for a $3T company.

Michael Tsai - Blog - No Bounty for Kernel Vulnerability

Show threadVermyndaxMay 14, 2024
@chockenberry @atlauren and you’re whining on X? Really? You should take this up privately with Apple.
Show threadCraig HockenberryMay 14, 2024
@vermyndax @atlauren Read the posts. I did, and got nowhere.
Show threadVermyndax
@chockenberry @atlauren Ok
May 15, 2024 at 12:02amWeb
Show threadmingistech May 15, 2024
@vermyndax @chockenberry @atlauren go troll on X.
Show threadVermyndaxMay 15, 2024
@mingistech @chockenberry @atlauren I dunno why I thought his post was on X, and now I see that it wasn't. Therefore, my post about it being on X is invalid (as is most of what I said after having read through the thread).