Hacker News new | past | comments | ask | show | jobs | submit login

The question is will they pay $1,000,000 for an exploit that unlocks an iphone?

http://www.reuters.com/article/us-apple-encryption-idUSKCN0X...




The article already addresses this:

  While $200,000 is certainly a sizable reward — one of the
  highest offered in corporate bug bounty programs — it won’t
  beat the payouts researchers can earn from law enforcement or
  the black market. The FBI reportedly paid nearly $1 million
  for the exploit it used to break into an iPhone used by Syed
  Farook, one of the individuals involved in the San Bernardino
  shooting last December.
Interestingly, for altruistic / independently wealthy researchers there's an incentive to report to Apple:

  In an unusual twist, Apple plans to encourage researchers to
  donate their earnings to charity. If Apple approves of a
  researcher’s selected institution, it will match their donation —
  so a $200,000 reward could turn into a $400,000 donation.


Smart move. That's not too shabby of a tax deduction.


I don't understand how the deduction from giving X to a researcher and X to a charity is smarter than just giving X to the researcher?


Tax deduction for the researcher, not Apple (note the original GP was about "altruistic / independently wealthy researchers").


Hows donation of X for tax savings is better than 0.6X income?


It is meant to encourage donations to non-profits which is something pretty good that corporates could do.

So it effectively reduces to what you'd prefer: 0.6X for yourself, or 2X for a non-profit that you want to support.


Yea, I was just kidding. Also, selling the exploit to Apple is more of a guarantee than waiting around to see if the government needs it (assuming you want to stay legal).


Odd. That's right around the same price zerodium is willing to pay.

https://www.zerodium.com/ios9.html

Ever notice, you never see Superman and Clark Kent in the same room? ;)


$200k appears to be the maximum payout.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: