Hacker News new | past | comments | ask | show | jobs | submit login

>First, Apple did not even acknowledge the report to the initial finder.

That is strange. I worked with some folks who interacted with researchers and their reports.

Half the battle with them was getting back to the researcher and getting their cooperation about keeping quiet + assuring them they're working on it, and working with them if additional data is needed. And at the same time fending off internal folks who have poor instincts and want to push back against, blame, or even punish the researcher (this was surprisingly common at companies who even should know better).

It's not the hardest part but developing that trust can be a big difference between a possible PR nightmare or not, and the initial contacts are a big deal.

Also researcher's who you get along with sometimes come back with better data, additional bugs,etc.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact