From my experience, working with real source from the repo with comments etc is ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		criley2 on May 14, 2019 \| parent \| context \| favorite \| on: WhatsApp voice calls were used to inject spyware o... From my experience, working with real source from the repo with comments etc is very different than working with reverse engineered binaries. That's probably what they're referring to.

pvg on May 14, 2019 [–]

The post says "the close[d] source nature of the applications stymied their efforts" not "finding security bugs is harder than not-finding security bugs". I didn't read anything in the linked post that supports the former statement, the latter one (or variants) seems obvious.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact