I will put aside Project Zero for a second -- in this particular case they're saying that they discovered that someone else has exploited the vulnerabilities. Perhaps that means that they weren't necessarily looking for them with analysis or fuzzing but a honeypot trapped a case where an attacker was successful. Can't we all agree that this discovery is to everyone's benefit? Google, Apple customers, Apple?
With respects to the merits of Project Zero:
> How fast do you think I would get sued ...
I don't think you would but even if you would -- your argument really seems to underscore the value of Project Zero. Google can publicize these bugs and have the resources to stand up to lawsuits from irresponsible vendors.
I'm not silly enough to think that Google doesn't exploit competitive advantages but in this case I think they are trying to catch up with the public perception of Apple's superiority wrt secure product design. Objectively we can see that's the case with many of the design elements of iOS vs Android. And it's not by putting down Apple that they do this, instead it's by demonstrating that they are leaders in security, not followers.
With respects to the merits of Project Zero:
> How fast do you think I would get sued ...
I don't think you would but even if you would -- your argument really seems to underscore the value of Project Zero. Google can publicize these bugs and have the resources to stand up to lawsuits from irresponsible vendors.
I'm not silly enough to think that Google doesn't exploit competitive advantages but in this case I think they are trying to catch up with the public perception of Apple's superiority wrt secure product design. Objectively we can see that's the case with many of the design elements of iOS vs Android. And it's not by putting down Apple that they do this, instead it's by demonstrating that they are leaders in security, not followers.