Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
eastbound
on Oct 26, 2022
|
parent
|
context
|
favorite
| on:
SiriSpy – iOS bug allowed apps to eavesdrop on you...
The right amount for a security bounty is the sum of all assets covered by that vulnerability minus $1.
This is the only way companies will take the right processes to protect those assets.
kube-system
on Oct 26, 2022
[–]
The impact and difficulty of exploit are pivotal parts of assessing the risk of a vulnerability. It doesn’t really matter how many dollars of things are involved if the exploit can’t be exploited or if it’s not a big deal if anyone does.
Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
This is the only way companies will take the right processes to protect those assets.