Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why does responsible disclosure go out the window when it comes to iOS lock screen issues?


Really? Any and all lockscreen bypass go straight to mainstream tech outlets. There have been plenty for Android. The real question is why does Apple have this problem with seemingly every major release? This is not a remote exploit and should be publicly shown.

Beyond that there are many that feel if Apple doesn't want to participate in having a more responsive approach towards security why should people go out of their way to play nice with them? Give and take, Apple has played out the "we don't respond unless it's in the interest of saving public face or potential sales losses" far too long. Being overly secretive is a bad thing today, especially with regard to consumers expectation of going to bat for them when it makes sense. They've continually lost face with me (in this particular regard) over the years in their elitist stance. It's of their own doing and approach. And it's completely in their control to change.


Probably because Apple has never acknowledged a problem with their platform, let alone rewarded one. Apple's outreach to any kind of dev community is nothing short of awful.


I guess the official statement from Apple that they're working on the lock screen bugs is a case of "Apple never acknowledging a problem with their platform"? I guess they don't have a security-announce list where they post many bugs a month[1]. I guess the message to go along with iOS 7 that lists a bunch of security researchers who disclosed bugs to apple shows their awful relationship with developers[2]. What a bunch of FUD.

[1] http://lists.apple.com/archives/security-announce/2013/Sep/i... [2] http://lists.apple.com/archives/security-announce/2013/Sep/m...


Now, now. We wouldn't want to let a pesky thing like reality get in the way of the Apple-hates-developers circle-jerk, would we?


Really? For all these years I follow such things, nothing you said it's true.

Apple regularly posts security updates and notices, and they aknowledge the people who find them.

Heck, even besides security, the claim that "Apple has never acknowledged a problem with their platform" is totally BS.

Steve Jobs himself apologized for the iPhone 4 antenna, and there was also a public statement from Apple about iOS Maps. An of course, they also have the usual recall programs, for things such as faulty batteries, HD and such.

So, FUD much?


Does that change ethical responsibility?


May be because it is a bug not vulnerability? Also, if someone with malice intent can get physical access to your phone then may be you will have much more to worry about?


Well, at least we found out about this the same time the NSA did.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: