
The sad reality is that black hats have been exploiting this class of bugs for years.



GPZ finds an entirely new class of vulnerability, Apple takes 4 months to patch and resolve. And you claim this has been exploited for years. There is 0 evidence of this, and such a claim demands proof.

I would be happy to apologise if you could find one example of exploitation prior to a few days ago when it became public.


The point of the 0-day black market is to not reveal these attacks publicly. If there were public proof of this in the past it would have been fixed in the past.

Take my word for it when I say there are upper echelons of black hats that are stockpiling unknown 0-day exploits like this and presently using them in the wild.

Or dismiss me as irrational and continue with the belief that all bugs are unknown until white hats share them with Apple.


There is a middle ground between "all bugs are known on the black market" and "no bugs are known only on the black market."



