Apple Ups Bug Bounty Payouts, Expands Access to All Researchers and Launches macOS Program

by

Apple is introducing an expanded bug bounty program that covers macOS, tvOS, watchOS, and iCloud as well as iOS devices, Apple's head of security engineering Ivan Krstić announced this afternoon at the Black Hat conference in Las Vegas.

Apple introduced its bug bounty program for iOS devices in August of 2016, allowing security researchers who locate bugs in iOS to receive a cash payout for disclosing the vulnerability to Apple. Prior to now, non-iOS devices were not included, a move that has previously been criticized by the security community.

applebugbountypayouts
Apple's lack of a macOS bug bounty program made headlines earlier this year when a German teenager initially refused to hand over details of a major macOS Keychain security flaw because Apple didn't have a payout. While he did ultimately provide the info to Apple, he said that he hoped his refusal would inspire Apple to expand its bug bounty program, which the company has indeed done.

With the launch of the new macOS bug bounty program, Apple is opening its bug bounties up to all researchers later this year and it is increasing the maximum size of the bounty from $200,000 per exploit to $1 million depending on the nature of the security flaw. A zero-click kernel code execution with persistence will earn the maximum amount.

Researchers who discover vulnerabilities in pre-release software before general release can qualify for up to a 50 percent bonus payout on top of the base bug bounty amount.

As reported earlier this week, Apple also plans to provide vetted and trusted security researchers and hackers with "dev" iPhones, aka special iPhones that provide deeper access to the underlying software and operating system that will make it easier for vulnerabilities to be discovered.

appleresearchdeviceprogram
Apple is providing these iPhones as part of its new iOS Security Research Device Program, launching next year. Apple's aim with these new bug bounty efforts is to encourage additional security researchers to disclose vulnerabilities, ultimately leading to more secure devices for consumers.

(Thanks, SecuritySteve!)

Top Rated Comments

smithrh Avatar
smithrh
21 months ago
Overdue, but a good move.
Score: 17 Votes (Like | Disagree)
IIGS User Avatar
IIGS User
21 months ago
This is welcome news. It would be nice if Apple could fully secure its own software but that's just not how the industry works.
There's an old saying I'll paraphrase. "No plan of battle survives first contact with the enemy".

No software testing can put every piece of software into every possible configuration. One different application, combined with a different time zone, and a screen configuration can change things enough for something inside to cry "uncle".

Just like my old man used to say. Never buy the first year of a new model car or truck. Give it a year or two for some other idiot to find out the wiper switch doesn't like prune fumes, or some other issue no one thought up....
Score: 11 Votes (Like | Disagree)
Websnapx2 Avatar
Websnapx2
21 months ago
apple probably figured its cheaper to have someone look for bugs than hiring a team of engineers.
Highly doubt that — Just more eyes looking. Apple is secretive, not cheap. They have an information-sharing issue.
Score: 6 Votes (Like | Disagree)
konqerror Avatar
konqerror
21 months ago
apple probably figured its cheaper to have someone look for bugs than hiring a team of engineers.
Also, there are legal issues if an Apple engineer reverse engineers third-party apps on their platform and looks at their code, to use as part of an attack. This could lead to accusations that Apple copied from third parties' code, something that independent researchers don't run into.
Score: 6 Votes (Like | Disagree)
now i see it Avatar
now i see it
21 months ago
Hackers are now called "researchers".
Score: 5 Votes (Like | Disagree)
killawat Avatar
killawat
21 months ago
these rates look competitive compared to black market rates especially since the money is clean.
Score: 3 Votes (Like | Disagree)
Read All Comments

Top Stories

bloodoxygenapplewatch

Apple Watch Series 7 to Gain Breakthrough New Health Feature

Friday March 5, 2021 5:34 am PST by
Apple is reportedly planning to bring a new, first-of-its-kind health technology to the Apple Watch Series 7, in what could be a breakthrough for managing conditions such as diabetes more easily. According to a recent report from ETNews, the Apple Watch Series 7 will feature blood glucose monitoring via a non-invasive optical sensor. Measuring blood glucose levels, also known as blood...
Read Full Article
apple transfer google photos 1

Apple Launches Service for Transferring iCloud Photos and Videos to Google Photos

Wednesday March 3, 2021 12:04 pm PST by
Apple this week introduced a new service that's designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple's privacy website and sign in to see the "Transfer a copy of your data" option. If you select this and go through all the steps, Apple will transfer your iCloud photos and ...
Read Full Article195 comments
imac pro featured black

Apple Confirms iMac Pro Will Be Discontinued When Supplies Run Out, Recommends 27-Inch iMac

Saturday March 6, 2021 7:33 am PST by
Apple on late Friday evening added a "while supplies last" notice to its iMac Pro product page worldwide, and removed all upgrade options for the computer, leaving only the standard configuration available to order for now. We've since confirmed with Apple that when supplies run out, the iMac Pro will no longer be available whatsoever. Apple says the latest 27-inch iMac introduced in August...
Read Full Article227 comments
Oled iPads and MackBook Pro

OLED 10.9-Inch iPad Rumored for Early 2022, 12.9-Inch iPad Pro and 16-Inch MacBook Pro Could Follow

Thursday March 4, 2021 8:37 pm PST by
Earlier today, DigiTimes shared a preview of an upcoming report claiming that Apple is working on both iPad and Mac notebook models with OLED displays that could launch starting in 2022. The full report from DigiTimes is now available, and it includes several new alleged details about Apple's plans. According to the report, the first of these devices to adopt an OLED display is likely to be...
Read Full Article110 comments
apple products refurbished store banner

Class Action Lawsuit Over Apple Providing Refurbished Replacement Devices Proceeding to Trial in August

Friday March 5, 2021 9:53 am PST by
Initially filed in 2016, a class action lawsuit that accuses Apple of violating the Magnusson-Moss Warranty Act, Song-Beverly Consumer Warranty Act, and other U.S. laws by providing customers with refurbished replacement devices is set to proceed to trial August 16, according to a notice this week from law firm Hagens Berman Sobol Shapiro LLP. Apple's repair terms and conditions state that,...
Read Full Article158 comments
iPhone 13 Notch Feature2

iPhone 13 Rumor Recap: Smaller Notch, Larger Batteries, 120Hz for Pro Models, Improved 5G, Wi-Fi 6E, and More

Friday March 5, 2021 8:20 am PST by
While we are likely at least six months away from Apple unveiling the so-called iPhone 13 lineup, rumors about the devices are starting to accumulate, so we've put together this recap of everything that is expected so far. The upcoming iPhone 13 lineup will consist of the same four models and the same screen sizes as the iPhone 12 lineup, according to reputable analyst Ming-Chi Kuo,...
Read Full Article124 comments
maxresdefault

What's on Your iPhone Home Screen?

Thursday March 4, 2021 10:31 am PST by
Over on our YouTube channel, MacRumors videographer Dan has a new video up where he shares his Home Screen, wallpaper, and all of his current favorite widgets. Subscribe to the MacRumors YouTube channel for more videos. Check out Dan's video to see his setup, and then comment below and show us your own Home Screens. It's always fun to see other peoples' Home Screens, and with widgets and...
Read Full Article89 comments
OLED iPad Pro and MacBook Pro

iPad and MacBook Models With OLED Displays Rumored to Launch in 2022

Thursday March 4, 2021 8:19 am PST by
Apple plans to release new iPad and MacBook models with OLED displays in 2022, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The information was shared in the site's paywalled "Before Going to Press" section, so there are no further details yet, but the full report should be released by tomorrow. Apple has gradually increased its adoption of OLED...
Read Full Article106 comments
Top Stories 48

Top Stories: iPhone 13 Leaks, OLED iPads and Macs, New AirTags Evidence

Saturday March 6, 2021 6:00 am PST by
iPhone rumors are heating up, with noted analyst Ming-Chi Kuo this week releasing a wide-ranging report outlining his expectations for the iPhone lineup over the next three years. This week also saw rumors about OLED displays potentially coming to iPad and Mac starting next year, increasing signs of AirTags functionality in iOS 14.5 betas, and more, so check out all of the details below! i...
Read Full Article42 comments
imac pro while supplies last

iMac Pro No Longer Custom Configurable, Available 'While Supplies Last'

Friday March 5, 2021 10:14 pm PST by
Apple appears to be on the verge of discontinuing the iMac Pro, with the store page for the high-end all-in-one Mac including a "While supplies last" tagline and only the base model with no custom configurations available for purchase. The iMac Pro launched in December 2017, and while there have been a few tweaks to the available configurations over the years, it has received no substantial...
Read Full Article135 comments