Hacker News

yogorenapan yesterday at 2:49 PM

I've reported security bugs to Apple before. Was a couple of years back, but I remember it taking around 6 months to patch (there were a couple of back-and-forths for me to get a more reliable POC). Maybe 2 months from when I submitted a POC with 100% reproducibility.


Replies

take91 yesterday at 3:23 PM

At least in the past there have been instances where Apple sat on security bugs for years until they were fixed, one example: https://jonbottarini.com/2021/12/09/dont-reply-a-clever-phis...

I've heard they cleaned up their program recently to respond much quicker nowadays.

mark_l_watson yesterday at 4:23 PM

Not sure how much it helps, but I just run all my Apple devices in "Lockdown mode", don't install apps (use Safari), and try to mostly use Safari in private sandboxed mode.
