Early last month a security researcher announced that he had discovered a severe bug in macOS that left passwords stored in keychain vulnerable. The catch was that the researcher, Linuz Henze, refused to share the flaw with Apple because he was unable to get paid for his work. While Apple operates a bug bounty program for iOS where finding