I have discovered a major exploit which allows bypassing Touch ID from the lock screen. How do you guys recommend that I go about disclosing this so that I can get the bounty that Apple has on bugs of this magnitude?
Do I need to have it well documented? Does it need to be reproducible on another device? I don't want to mess this up, but I also don't want to be too late in disclosing this. As you can see I am a long time member of these forums going back to the original iPhone launch in 2007 and can assure you that I am 100% dead serious. This is actually pretty nuts. I have no idea how the bug bounty program works and found little information online about how to file and what specifically I need to do to cover all of my bases. I have already recorded a video of the exploit in action and considered submitting it to the editors here but if I can get paid then I do not want to screw this up.
Thank you so much. I don't know if I'm going to be able to sleep tonight.
Do I need to have it well documented? Does it need to be reproducible on another device? I don't want to mess this up, but I also don't want to be too late in disclosing this. As you can see I am a long time member of these forums going back to the original iPhone launch in 2007 and can assure you that I am 100% dead serious. This is actually pretty nuts. I have no idea how the bug bounty program works and found little information online about how to file and what specifically I need to do to cover all of my bases. I have already recorded a video of the exploit in action and considered submitting it to the editors here but if I can get paid then I do not want to screw this up.
Thank you so much. I don't know if I'm going to be able to sleep tonight.
