this post was submitted on 10 Jun 2024

418 points (89.4% liked)

Technology

59429 readers

3092 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

418

Apple refused to pay bounty to Kaspersky for uncovering vulnerability in 'Operation Triangulation' - 9to5Mac (9to5mac.com)

submitted 5 months ago by [email protected] to c/[email protected]

60 comments fedilink hide all child comments

Kaspersky uncovered iOS vulnerabilities in 'Operation Triangulation', reported to Apple, but was refused bounty payment
Apple's Security Bounty Program offers rewards up to $1 million for discovering vulnerabilities to prevent them from being sold on the dark web
Apple's refusal to pay Kaspersky could be due to restrictions on financial transactions with companies in sanctioned countries like Russia.

(page 2) 13 comments

sorted by: hot top controversial new old

[–] [email protected] 35 points 5 months ago

"refused". Okay, headline.

[–] [email protected] 238 points 5 months ago (6 children)

Apple Security Bounty awards may not be paid to you if you are in any U.S. embargoed countries or on the U.S. Treasury Department’s list of Specially Designated Nationals, the U.S. Department of Commerce Denied Person’s List or Entity List, or any other restricted party lists.

Kaspersky can whine all they want. Russia is embargoed. They're not getting their money.

Kaspersky is a good company doing good work in the cyber security space. Unfortunately, because of the embargo, they may have to turn to the black market to sell future exploits. Or maybe not; I'm not totally sure what kind of ethical standards they have.

[–] [email protected] 1 points 5 months ago

Who/what are on those other lists.

[–] [email protected] 59 points 5 months ago (1 children)

Yeah sorry guys, did you forget you work for an asshole?

[–] [email protected] 76 points 5 months ago (1 children)

Apple could have tried to work with them and said something like "We'll pay when the embargo ends", since now Kapersky has every reason to sell their next apple exploit on the black market.

They've just turned a department of people successfully working to make apple more secure into a department of people working to make it less secure.

[–] [email protected] 61 points 5 months ago (2 children)

Apple could have tried to work with them and said something like "We'll pay when the embargo ends"

.....aaaaand that would most likely be trying to circumvent the sanctions by essentially receiving credit from Kaspersky on delivered services.

Not saying the situation is optional, but the sanctions would be extremely toothless if it was that easy to circumvent.

[–] [email protected] 25 points 5 months ago (2 children)

How is holding the money until (and if) the sanctions are lifted, "circumventing"?

However unlikely it would be, if the sanctions are lifted (maybe Russia gets a new, sane Government, calls off its invasion, stops its international shenanigans), wouldn't it be OK to pay this company then?

[–] [email protected] 23 points 5 months ago (2 children)

It would still probably count as some sort of trade (even when delayed), which is what would violate the sanctions.

load more comments (2 replies)

load more comments (1 replies)

[+] [email protected] -7 points 5 months ago (11 children)

They are extremely toothless in the sense of making continuation of the war less interesting.

Russian oil\gas\etc revenues have grown.

What the sanctions have hurt are mostly many smaller businesses and individuals. Well, big companies too, but that just makes them more dependent on state support. Which is a win for the Russian government.

Kaspersky is definitely an FSB-friendly company.

But still, most people hurt by sanctions are innocent. Well, less guilty than European politicians profiting from cooperation with Russia both before and after 2022, and remember how all those "free democratic" countries claimed Russian elections were legit when having Putin in Russia seemed to have no downsides, despite mass protests.

[–] [email protected] 6 points 5 months ago* (last edited 5 months ago) (3 children)

[many citations needed]

Also, you seem to be putting the actions of Putin (and the consequences of allowing him to get the country to this state) on to Europe and NATO. The fact is that these sanctions would not be in place if Putin didn't invade a neighboring country for illegal annexation (specifically, Russia violated United Nations Charter Article 2, paragraph 4).

I'm sorry to tell you that mass protests aren't enough. As long as the Russian people are complicit (for example, by continuing to contribute to war efforts at their oil refinery jobs) and continue to allow Putin to govern, they will suffer.

load more comments (3 replies)

[–] [email protected] 15 points 5 months ago (5 children)

Russian oil\gas\etc revenues have grown.

Is that why Gazprom posted its first annual loss in 20 years? a loss of $6.9 billion. Because revenues have grown so much?

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago) (3 children)

Huge growth!

Since many of the sanctions also apply to things that are expected to fail over time, like electronics and industrial equipment, I'm sure the losses will continue to rise. Something to look forward to.