What a crappy summary and crappy article. The wavefunction is no more a real object than any other mathematical function. The statement: "f(x)=x^2 is a real object" has no valid meaning whatsoever. To even call it a theorem is ridiculous. Likewise goes for the wavefunction. It is a tool to model our "real" world. Some models are exact and precisely describe the "real" world. Other models only work under certain assumptions and/or reference frames.
If you actually read the research paper, the authors consider the question of whether a quantum state is a physical property attached to a system. Said another way, do quantum systems actually exist? Or are they purely theoretical? From the article:
"The statistical view of the quantum state is that it merely encodes an experimenter's information about the properties of a system. We will describe a particular measurement and show that the quantum predictions for this measurement are incompatible with this view."
The gist of it is that they have produced a result (didn't read the whole thing to actually figure out what their result was) which relied mainly on three assumptions:
Since their result is incompatible with the statistical view of quantum states, it must due to one of the assumptions above. They don't actually make the claim that quantum states are physical properties (like length, width, height, mass, etc. are). In fact, they conclude with:
"More radical approaches are careful to avoid associating quantum systems with any physical properties at all. The alternative is to seek physically well motivated reasons why the other two assumptions might fail."
Unless I missed something in the article, the analogy here makes absolutely no sense. Security researchers aren’t injecting the bugs into software and then “discovering” them. I can’t “breed” a bug into firefox only to turn it in for a profit. Unless they are claiming inside devs are introducing bugs for outside researchers to find and then splitting the profit, which isn’t how I read it (and probably wouldn’t work for too long anyway).
But it turns out that he knows more about security than one would think. Maybe even more than he might think.
Or perhaps not? This comes across as exactly the kind of outsider without a clue looking in type perspective that is described at the start of the article. Sometimes outside perspectives are useful, but this whole article is mostly pointless (besides the interesting story about rat farming).
The only potential point I can see (which they didn’t try to make, so I’m probably imagining it) is that by having these bounty programs, bugs are discovered that otherwise might not have been looked for. Very thin.
You did miss something. The researchers are not injecting bugs. Instead, they are "farming for bugs" in the sense that they (presumably) put the software through a battery of tests (the "breeding" process). His point was that the bounty system was originally to motivate USERS to submit reports (like in S.A. where the point was to encourage citizens turn in rat bodies). Instead, you've now got security researchers who may have absolutely no interest in using the software itself but have a monetary incentive to report bugs. Similarly, the rat farmers have no interest in getting rid of the infestation problem, they're just there to cash in on the rewards. The difference, however, is that the rat farmers breed the rats, whereas the analysts merely look for bugs (more akin to someone from another geographical region relocating to S.A. so they too can catch rats and turn them in).
A rock store eventually closed down; they were taking too much for granite.