It is amazing the length to which Apple is willing to showcase its tech strength. Surprisingly it has increased the amount it’s offering to hackers to find vulnerabilities in its iphones and Macs to a whooping sum of $1million. This is by far the highest bug bounty from any major tech company.
The full $1 million will go to researchers who can find a hack of the kernel—the core of iOS—with zero clicks required by the iPhone owner. Another $500,000 is to be given to those who can find a “network attack requiring no user interaction.” As well as a 50% bonus for hackers who can find weaknesses in software before it’s released.
Apple is to give bug bounty participants “developer devices”—iPhones that let hackers dive further into iOS. They can, for instance, pause the processor to look at what’s happening with data in memory.
Confirming this on Thursday at a talk on iOS and macOS security at the Black Hat Conference in Las Vegas by Apple’s head of security engineering Ivan Krstić, he explained that the bounty also extended to watchOS and Apple’s TV operating system.
ALSO READ: Apple Unveils New iOS Feature
Also, Krstić added that the iOS Security Research Device program which will arrive next year would be by application and be open to all researchers as oppose previous practice where only those on the company’s invite-only bug bounty program were eligible to receive rewards.
Remarkably, Apple is increasing those rewards in the face of an increasingly profitable private market where hackers sell the same information to governments for vast sums.
However, beforehand a company called Zerodium was vocal about how much it will pay researchers before handing them to its unknown government customers. In January, the secretive company announced it was offering $2 million for a remote hack of an iPhone.