Apple apologizes to the cybersecurity expert it has long ignored

Apple si scusa per aver ignorato un esperto di cybersecurity thumbnail

Apple he apologized to the cybersecurity researcher Denis tokarev, for ignoring his reports on some iOS vulnerability. The leaks went without fix for months. But the Apple claims to be still working to understand what the problem is and how to solve it.

Apple apologizes to the cybersecurity expert he ignored

Tired of being ignored, despite his work in reporting vulnerabilities and leaks to Apple, Tokarev last week expressed his frustration publicly. In fact, he reported that he was ignored by Apple, which not only did not answer to him but left the reported bugs uncovered.

Tokarev reports to Motherboard today that he received a response from Apple via email. A Cupertino employee wrote: “We have seen his blog post about this issue and his other reports. We apologize for the delay in replying. We want you to know that we are still investigating these issues and how we can solve them to protect customers. Thank you for taking the time to report these issues, we appreciate your help. Please let us know if you have any other questions ”.

According to Tokarev himself, Apple has so far fixed only one of the reported vulnerabilities. Without giving credit to the cybersecurity fugitive. Others remain uncovered, including one on the Game Center that allows apps to access your name and email linked to your Apple ID account. You can find the details of the vulnerabilities reported on the page published by Tokarev.

The researcher first contacted Apple between March 10 and May 4. However, it should be noted that Tokarev himself acknowledges that these flaws are not critical, because they require the installation of an app that would first have to be approved by Apple to make it to the App Store.

But other researchers also reported to the Washington Post that Apple is slow to fix bugs and doesn’t always pay the promised rewards. But Apple’s cybersecurity team promised to expand and enhance the rewards program to report bugs and vulnerabilities.