The secret sauce these ex-Apple engineers hold is insight into the bugs & architecture flaws of their former company. They're a couple steps ahead of the patch releases, for now. https://twitter.com/iblametom/status/1044559777580425216 …
-
I assume Cupertino is watching /very/ closely, but as @DonAndrewBailey mentioned, it's possible they're targeting subsystem or microcode flaws that are either very difficult or impossible to patch, and plausibly discoverable from available public docs or RE.
-
Even if *possible* to rediscover, this whole practice puts a perverse incentive on engineers to ignore any bugs or high-level security design flaws when they see them so they can later go make millions exploiting them.
-
Imagine if engineers designing bridges or skyscrapers ignored flaws so they could sell the flaws to terrorists and retire...
-
I'm of course against non-competes, but there should probably be a long-term ban on profiting off vulns in code you were responsible for developing/debugging/securing.
-
Well it is, unless you sell to LE.
-
That's not acceptable. If one jurisdiction won't prosecute, another should. And the ex employer should sue for all profits from the exploit business plus punitive damages.
-
No disagreement in principle from me. ;-)
-
“Planted/ignored bugs” is a huge speculation.
-
Anyone making products of this nature has already shown such a huge ethical failing that planting or ignoring bugs would be pocket change.
-
That’s a reach. Your hunch isn’t proof.