“It’s a trick. It’s not dead. Get an axe.”
Apple yet again unleashes “a blog” to “address the community”, Apple Security this time. … I can’t recall what the title of the last one was, it lasted like 2 posts a few years back. Same pattern:
- No author names
- No RSS
- No comments
- No way to send feedback at all, even to their ghost town forums.
First post is a long, rambling dissection of a new kernel malloc, maybe reducing the memory access errors that keep giving h4xx0rz 0-days into Apple gear. No actionable content; it’s for them to say they’re doing something, not you to improve your code.
Second is an update claiming now they’re gonna actually pay out bug bounties, even tho it’s been a nightmare to extract a red cent from them in the past, honest kick the ball this time for sure, Charlie Brown.
Zero trust in this meaning anything. I bet Grubs fellates this like the second coming of WWDC.