- Last Active
This wasn’t vulnerability dicovered by a well known security agency through an organized Pwn2Own type of initiative. It was reported as a bug by a teenager and his mum, likely through some high-volume general feedback mechanism. It could take several days for a staffer to even look at it, and it likely wasn’t thoroughly documented so as to easily be reproducible.
That being said, I’d be interested to know the gap in time between their realization of the scale of the bug and the first communication.
The value of the phone that the chip goes into should have no bearing on the licensing cost. That would be like charging more for a gallon of gas going into a Ferrari vs a Toyota.
Not sure if volume licensing discounts are permissible under FRAND. I believe they might be, as long as they’re consistent.