Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Apple Launches Bug Bounty Program, Offers Up to $200,000 for Software Vulnerabilities Discovered
At today's Black Hat Conference, an annual event designed for the global InfoSec community, Apple's head of security engineering Ivan Krstic announced the launch of a bug bounty program that will see Apple paying money to individuals who discover major bugs and security flaws in the company's software.
Many major technology companies like Google and Microsoft offer bug bounty programs to encourage people to discover and report major vulnerabilities, but until now, Apple has declined to provide a similar program.
According to TechCrunch, Apple's new bug bounty program is part of Apple's effort to open up to hackers, researchers, and cryptographers who want to help improve the company's security.
Apple will be offering bounties of up to $200,000 to researchers depending on the vulnerability that's discovered. Secure boot firmware components will earn $200,000 at the high end, while smaller vulnerabilities, like access from a sandboxed process to user data outside of the sandbox, will earn $25,000.
The program will be invite only for the time being, limited to a few dozen researchers. Apple plans to make it more open as it grows, and if a non-member discovers a significant bug, they'll be invited to the program.
Many major technology companies like Google and Microsoft offer bug bounty programs to encourage people to discover and report major vulnerabilities, but until now, Apple has declined to provide a similar program.
At #BlackHat2016, Apple just announced a new Security Bounty program and has promised to prioritize pushing updates. pic.twitter.com/1jXW1tNMrb
— Jay Freeman (saurik) (@saurik) August 4, 2016
According to TechCrunch, Apple's new bug bounty program is part of Apple's effort to open up to hackers, researchers, and cryptographers who want to help improve the company's security.
Apple will be offering bounties of up to $200,000 to researchers depending on the vulnerability that's discovered. Secure boot firmware components will earn $200,000 at the high end, while smaller vulnerabilities, like access from a sandboxed process to user data outside of the sandbox, will earn $25,000.
Although each category of vulnerability maxes out at the given rate, Apple will determine the exact reward amount based on several factors: the clarity of the vulnerability report; the novelty of the problem and the likelihood of user exposure; and the degree of user interaction necessary to exploit the vulnerability.Apple plans to launch its new bug bounty program in September. To be eligible for a reward as part of the program, researchers will need to provide proof-of-concept on the latest versions of iOS and the company's newest hardware. Apple will also encourage researchers to donate their earnings to charity and will match all bug bounty donations.
The program will be invite only for the time being, limited to a few dozen researchers. Apple plans to make it more open as it grows, and if a non-member discovers a significant bug, they'll be invited to the program.
[ 82 comments ]
Top Rated Comments
(View all)
36 months ago
I discovered a bug in Apple's Mac update schedule. The Mac never seems to update. Can I collect $200,000?
36 months ago
I discovered a bug in Apple's Mac update schedule. The Mac never seems to update. Can I collect $200,000?
And that's why its invite only...
36 months ago
$200,000 is a great incentive to help detect these issues. Hopefully it's successful.
36 months ago
The incredibly buggy new OS releases shows that Apple is no longer capable of doing it in-house - going the OUTSOURCING route.
Not quite, doesn't matter how many gifted employees you have in-house you'll never catch everything. A familiar work environment breeds a familiar way of thinking, sometimes you need someone to take a look at code from a completely different perspective and it's amazing what can be spotted hiding in plain sight. Happens in all walks of life.
Increasing the number of eyes on their systems with a financial incentive is a really efficient and effective way of catching security flaws.
36 months ago
Can no longer do it in-house - going the OUTSOURCING route.
Oh come on... Most other companies "outsource" it... Its smart business.
36 months ago
Great idea. iOS will always be more secure than Android, and this will only further that gap.
36 months ago
They can't even get stability right...maybe that power point will end up with "error...ppt slide reloaded."
Apple is now outsourcing.....rewarding hackers to protect the company's reputation.
Oh joy, somebody who doesn't understand how programming works or why bug bounties are out there.
36 months ago
Shame Apple's own workers don't know how to fix bugs. You'd think they'd be paid to fix them.
It sure is popular to hate on iOS developers these days without putting any real thought into it. Congrats.
36 months ago
The end of jailbreaking
And if it means a more secure device, I don't know why anyone would be against it.
[ Read All Comments ]
Last year, we shared a list of some of the best HomeKit products you can buy, which was quite popular with MacRumors readers, so we thought we'd follow it up.
In our 2019 HomeKit video,...
Amazon is discounting the 2019 AirPods with Charging Case to $139.99, down from $159.00. Apple just refreshed the AirPods last month with an updated H1 chip and "Hey Siri" support,...
As part of its ongoing effort to rebuild Apple Maps, Apple has added detailed terrain features to the U.S. states of Arizona and New Mexico as well as the southern portion of Nevada, including the...
Tik Tok, which was pulled from the App Store in India last week to comply with a government demand to block downloads over child safety concerns, is allowed to return to the App Store, reports...
Amazon is currently discounting the latest 13-inch MacBook Pro with Touch Bar to a new all-time-low price. Specifically, this is the 2.3 GHz Quad-Core Intel Core i5 model with 8GB RAM and a 512GB...
Over four years after debuting on Android, and following a significant redesign last year, Google Fit is now available on iOS.
The fitness tracking app can track workout sessions completed...
Following a flash sale on Easter, Best Buy has returned this week with a new 4-day sale that offers discounts on the MacBook Pro with Touch Bar, iPhone X, Beats products, iPhone cases, and more. The...
iPhone XR remained the best-selling iPhone model in the United States in the first quarter of 2019, as it was in the fourth quarter of 2018, according to a survey conducted by research firm CIRP and...
