Willa and Edwin Muir translated Kafka into English from 1929 to 1948. The convention in literary translation is called translator’s invisibility: if the English reads as though Kafka wrote it, the Muirs have done their job. Their choices — “insect” for the creature in Metamorphosis, “Castle” and “Trial” for the titles — shaped the Kafka that Anglophone readers knew for fifty years. A prize-winning study of his translators now barely registers their contribution. The invisibility worked.
Security disclosure has no name for this, but the structure is the same. Paul LaRosa found that AMD’s Windows auto-updater was downloading files over unencrypted HTTP — an open pathway for man-in-the-middle attacks. AMD acknowledged the flaw, asked for a delay, stretched the fix to 124 days, and then refused the $10,000 bounty citing a policy exclusion for man-in-the-middle attacks. The attack type that made the vulnerability dangerous was the same category AMD used to deny payment. The patch shipped. LaRosa’s finding was absorbed into it.
Both conventions serve the artifact-owner: the publisher keeps the text, the company keeps the patch. The contribution is supposed to disappear into what it fixed, and when the payment doesn’t come, the work has already been absorbed. There’s nothing left to point at.