Apple will pay up to a million dollars to those who will be able to report vulnerabilities on their iOS and MacOS devices.
Those with the skills and knowledge to do so can get to work and hope to extend their hands on the generous reward that Apple will recognize for reporting the most serious bugs found in its software. Up to a million dollars for critical vulnerabilities, potentially able to bring the security of the iPhone and Mac line computers to its knees.
Apple updates the Bug Bounty Program
The news for the Bug Bounty Program has been anticipated in recent days by a rumor that appeared on the pages of Forbes, then confirmed directly by the Cupertino group at the Black Hat conference staged in Las Vegas. Starting in the autumn, all interested researchers will be able to take part, globally, without the obstacle of the invitation so far necessary.
The quintupled prize (today reaches 200,000 dollars) is an investment that Apple knows how to repay over the long term. First of all in terms of the reliability of its devices. Then, in this way those able to carry out an exploit capable of exploiting the bugs, will not be tempted to sell them to third parties that could make a malicious use of it: the Zerodium company has made it known that it has received an offer of two million dollars for to set up a remote hack for iPhones.
Ivan Krstić, head of the team of engineers working on the security of iOS and macOS, has made official that since the launch of the program in 2016, reports have already been collected on about 50 vulnerabilities deemed serious.
The one million reward will be awarded to researchers able to discover and force a bug related to the operating system kernel, exploitable in a malicious way without requiring any kind of active interaction from the user. For those who discover a flaw that allows an attack via network, the sum will be $500,000. There is also a 50% bonus for notifications about software not yet distributed.
In this regard, in recent days there has been talk of special versions of the iPhone with jailbreak that Apple will provide to the interested parties, in order to allow them to fully analyze every aspect of the devices, both as regards the software sector and the hardware side.