Alexander Sotirov and Dino Dai Zovi @ CanSecWest 2009
Ryan Naraine: Did you consider reporting the vulnerability to Apple?
Charlie Miller: I never give up free bugs. I have a new campaign. It’s called NO MORE FREE BUGS. Vulnerabilities have a market value so it makes no sense to work hard to find a bug, write an exploit and then give it away. Apple pays people to do the same job so we know there’s value to this work. No more free bugs.