Apple announces bug bounty program that will pay hackers to find iOS flaws

Posted on Posted in 2016 Business Opportunities For You, What's Trending Now


Apple is planning a new bug bounty program that will offer cash in exchange for undiscovered vulnerabilities in its products, the company announced onstage at the Black Hat conference yesterday. The program, which will be launched in September, will offer cash rewards for working exploits that target the latest version of iOS or the most recent generation of hardware. It’s the first time Apple has explicitly offered cash in exchange for those vulnerabilities, although the company has long maintained a tip line for disclosing security issues.


Bug bounty programs have become an increasingly popular way to encourage responsible disclosure once a vulnerability is found. Uber, Fiat Chrysler, and the Department of Defense have all launched similar programs this year. More established companies like Google, Microsoft, and Facebook have had bounty programs in place for years. Google paid out more than $2 million in bug bounties last year, mostly for vulnerabilities in Android.


Apple was one of the last major tech companies without such a bounty program, relying instead on internal security teams and informal relationships with researchers. That policy drew some criticism in the wake of the San Bernardino case this year, after police purchased an undisclosed vulnerability in order to break security measures on an alleged killer’s phone.


Hashflare 336 x 280


The new program will begin as invite-only, including only a few dozen researchers. Still, Apple says the program will become more open as it grows, and if a non-member approaches Apple with a significant bug, they’ll be invited into the program to work it through. The invite system is unusual for a bounty program, but Apple explained it as necessary to weed out spurious submissions and make sure trusted researchers had adequate support from the company.


For now, the new program is also limited to five distinct categories of bugs. The most valuable category — worth up to $200,000 — is vulnerabilities that compromise the secure boot firmware components, cutting at the heart of Apple’s hardware protections. Notably, those vulnerabilities are also particularly useful for jailbreaks. Smaller rewards are available for the extraction of data from the Secure Enclave, extraction of arbitrary code, escaping a sandboxed process, and obtaining unauthorized access to iCloud account data.


Hi guys, Vanessa Dunford {@vaniccilondon} here. I just want to grab this opportunity to THANK EACH OF YOU for engaging in my posts! It means the world to me!!! If You Want To Find Out How To: ? Get Your Dream Car Paid For You ? Earn While You Travel The World ? Live The Lifestyle That You Have Always Dreamed Of ?Watch The Amazing Testimonials Of Our Members And Their Results In My BIO link.??? ? Warning: We Only Accept Limited Number of Applicants/New Members Per Day At Any Given Time. ? Test Drive It Yourself Now and Try It For $1. Yes I Will Spell It Out – One Dollar To Try This System! ? You have your own Business Coach that will walk you through every step of the way. How cool is that? 🙂 Definitely a No Brainer Guys! Whatever you guys are up to – Stay Awesome! Talk soon, Vanessa #amazing #incredible #mindset #winners #opportunity #mentor #businesspassion #businesscoach #london #londoneye #londonlife #londontown #londoner #luxury #entrepreneurship #businesswomen #business #businesswoman #businessman #businessowner #onlinebusiness #millionaire #millionaires #millionairemindset #millionairelifestyle #makemoneyonline #homebasedbusiness #moneymaker #money #moneyteam

A video posted by Vanicci Dunford (@vaniccilondon) on

Leave a Reply

Your email address will not be published. Required fields are marked *