Zerodium this week announced that it will not be purchasing any iOS exploits for the next two to three months due to a high number of submissions. In other words, the company has so many security vulnerabilities at its disposal that it does not need any more.
/article-new/2020/05/ios-13-iphone-ipad-duo.jpg?lossy)
Zerodium is an exploit acquisition platform that pays researchers for zero-day security vulnerabilities and then sells them to institutional customers like government organizations and law enforcement agencies. The company focuses on high-risk vulnerabilities, normally offering between $100,000 and $2 million per fully functional iOS exploit.
We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors.
Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future. — Zerodium (@Zerodium) May 13, 2020
In an explicit tweet, Zerodium CEO Chaouki Bekrar said iOS security is in bad shape, noting that there are at least a few persistent zero-day security vulnerabilities affecting all iPhones and iPads. "Let's hope iOS 14 will be better," added Bekrar.
Apple has its own bug bounty program that offers between $5,000 and $1 million for security vulnerabilities in iOS, iPadOS, macOS, tvOS, or watchOS.
Top Rated Comments
Apple has Animojis.
Here you are.
In my opinion Mac OS X 10.7 was Apple's inflection point of poorer software quality.