Wednesday December 02, 2020

Bounty for the Bug


From now on, Apple will pay you if you find bugs in its products. Microsoft, Facebook and Google launched bug bounty programs years ago; they reward researchers and hackers who report vulnerabilities in their products. Apple was a holdout, but not anymore.
Apple recently announced at the Black Hat security conference that it would launch a bug bounty program this fall to pay outside security researchers and white hat hackers who privately disclose security flaws in the company's products.
Ivan Krstic, head of Apple's security team, said the company plans to offer rewards of up to $200,000 (£152,433) to researchers who report critical security vulnerabilities in certain Apple software. It is one of the highest rewards offered in corporate bug bounty programs.
Apple Bug Bounty Program — Invite Only, For Now

Apple is keeping the bug bounty program small by launching it as invitation-only. It is open only to a limited number of security researchers who have previously made valuable bug disclosures to Apple.
Launching in September, the program will offer bounties for a small range of iOS and iCloud flaws. Here's the full list of risk and reward:
Flaws in secure boot firmware components: Up to $200,000.
Flaws that could allow extraction of confidential data protected by the Secure Enclave: Up to $100,000.
Vulnerabilities that allow execution of malicious or arbitrary code with kernel privileges: Up to $50,000.
Flaws that grant unauthorized access to iCloud account data on Apple servers (remember the celebrity photo leak?): Up to $50,000.
Access from a sandboxed process to user data outside of that sandbox: Up to $25,000.

To be eligible for a reward, researchers will need to show a proof-of-concept (POC) on the latest iOS and hardware. The clarity of the bug report, the novelty of the problem, the possibility of user exposure, and the degree of user interaction necessary to exploit the flaw are also considered.
Decision Comes in the Wake of the FBI Scandal

Earlier this year, Apple fought a publicized battle with the FBI over a court order to access the locked San Bernardino shooter's iPhone.

When the FBI sought to compel Apple to unlock the shooter's iPhone, the company refused, eventually leading the bureau to hire professional hackers to break into the iPhone, supposedly paying out over $1 million. Perhaps the company is trying to eliminate these lucrative backdoors into its software to make its iOS devices so secure that even the company cannot crack them.

August 11, 2016