I wouldn’t generally require people to “compile their findings into a report”, but in this case the messages are weirdly devoid of any checkable information and then the reddit user in question mysteriously lost a laptop full of findings, so, yeah, these claims are not compelling. I don’t think the reverse engineer in question was lying, per se, but I do think they were very wrong at first by random chance, the story gained traction, and then they were too embarrassed to admit they fucked up.
If he’s a professional security analyst, his findings would be compiled into a report. Demonstration of where code is in the binary, even network sniffing results - something. An article saying “this guy said so and he knows what he’s talking about” is literally crazy.
Random anonymous reddit user who didn’t compile his findings into a report pointing to the places in the app binary where these things happen. OK.
I wouldn’t generally require people to “compile their findings into a report”, but in this case the messages are weirdly devoid of any checkable information and then the reddit user in question mysteriously lost a laptop full of findings, so, yeah, these claims are not compelling. I don’t think the reverse engineer in question was lying, per se, but I do think they were very wrong at first by random chance, the story gained traction, and then they were too embarrassed to admit they fucked up.
If he’s a professional security analyst, his findings would be compiled into a report. Demonstration of where code is in the binary, even network sniffing results - something. An article saying “this guy said so and he knows what he’s talking about” is literally crazy.