Security Researchers Unhappy With Apple's Bug Bounty Program

by

Apple offers a bug bounty program that's designed to pay security researchers for discovering and reporting critical bugs in Apple operating systems, but researchers are not happy with how it operates or Apple's payouts in comparison to other major tech companies, reports The Washington Post.

apple devices security bug bounty mac iphone ipad
In interviews with more than two dozen security researchers, The Washington Post collected a number of complaints. Apple is slow to fix bugs, and doesn't always pay out what's owed.

Apple in 2020 paid out $3.7 million, about half of the $6.7 million that Google paid to researchers, and far less than the $13.6 million Microsoft paid. While other companies like Facebook, Microsoft, and Google highlight security researchers that find major bugs and hold conferences and provide resources to encourage a wide range of participants, Apple does not do so.

Security researchers said that Apple limits feedback on which bugs will receive a bounty, and former and current Apple employees said there's a "massive backlog" of bugs that have yet to be addressed.

Apple's reluctance to be more open with security researchers has discouraged some researchers from providing flaws to Apple, with those researchers instead selling them to customers like government agencies or companies that offer up hacking services.

Apple's Head of Security Engineering and Architecture, Ivan Krstić, told The Washington Post that Apple feels the program has been a success, and that Apple has doubled the amount that it paid in bug bounties in 2020 compared to 2019. Apple is, however, still working to scale the program, and will offer new rewards in the future.

"We are also planning to introduce new rewards for researchers to keep expanding participation in the program, and we are continuing to investigate paths to offer new and even better research tools that meet our rigorous, industry-leading platform security model."

Luta Security founder Katie Moussouris told The Washington Post that Apple's poor reputation with the security community could in the future lead to "less secure products" and "more cost."

Apple's bug bounty program promises rewards ranging from $100,000 to $1,000,000, and Apple also provides some researchers with special iPhones dedicated to security research. These iPhones are less locked down than consumer devices and are designed to make it easier for security vulnerabilities and weaknesses to be unearthed.

Sam Curry, a security researcher that worked with Apple in 2020, said that he offered feedback to Apple and that he feels like the company is aware of how it's seen and "trying to move forward." According to The Washington Post, Apple this year hired a new leader for the bug bounty program, so it could soon see some improvements.

Tag: Apple Security

Popular Stories

iPhone Pocket Short

iPhone Pocket is Now Completely Sold Out Worldwide

Tuesday November 25, 2025 7:16 am PST by
Apple recently teamed up with Japanese fashion brand ISSEY MIYAKE to create the iPhone Pocket, a limited-edition knitted accessory designed to carry an iPhone. However, it is now completely sold out in all countries where it was released. iPhone Pocket became available to order on Apple's online store starting Friday, November 14, in the United States, France, China, Italy, Japan, Singapore, ...
Read Full Article138 comments
New Intel Logo

Apple and Intel Rumored to Partner on Mac Chips Again in a New Way

Friday November 28, 2025 7:33 am PST by
While all Macs are now powered by Apple's custom-designed chips, a new rumor claims that Apple may rekindle its partnership with Intel, albeit in a new and limited way. Apple supply chain analyst Ming-Chi Kuo today said Intel is expected to begin shipping Apple's lowest-end M-series chip as early as mid-2027. Kuo said Apple plans to utilize Intel's 18A process, which is the "earliest...
Read Full Article133 comments
iphone black friday gold

The Best Black Friday iPhone Deals Still Available

Friday November 28, 2025 6:24 am PST by
Cellular carriers have always offered big savings on the newest iPhone models during the holidays, and Black Friday 2025 sales have kicked off at AT&T, Verizon, T-Mobile, and more. Right now we're tracking notable offers on the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air. For even more savings, keep an eye on older models during the holiday shopping season. Note: MacRumors is...
Read Full Article3 comments
apple store down feature

Here's Why the Apple Store is Going Down

Thursday November 27, 2025 1:01 pm PST by
Apple's online store is going down for a few hours on a rolling country-by-country basis right now, but do not get your hopes up for new products. Apple takes its online store down for a few hours ahead of Black Friday every year to tease/prepare for its annual gift card offer with the purchase of select products. The store already went down and came back online in Australia and New Zealand, ...
Read Full Article18 comments
streaming black friday 2025

Best Black Friday Streaming Deals - Save Big on Apple TV, Disney+, Hulu, and More

Thursday November 27, 2025 1:14 pm PST by
We've been focusing on deals on physical products over the past few weeks, but Black Friday is also a great time of year to purchase a streaming membership. Some of the biggest services have great discounts for new and select returning members this week, including Apple TV, Disney+, Hulu, Paramount+, Peacock, and more. Note: MacRumors is an affiliate partner with some of these vendors. When...
Read Full Article23 comments
Cyber Monday Deals 2025

Best Cyber Monday Apple Deals Include Big Discounts on AirPods, Apple Watch, and More

Sunday November 30, 2025 7:33 am PST by
Cyber Monday is here, and you can find popular Apple products like AirPods, iPad, Apple Watch, and more at all-time low prices. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running....
Read Full Article12 comments
Netflix Smaller 4

Netflix Kills Casting From Its Mobile App to Most Modern TVs

Monday December 1, 2025 4:36 am PST by
Netflix has quietly removed the ability to cast content from its mobile apps to most modern TVs and streaming devices, including newer Chromecast models and the Google TV Streamer. The change was first spotted by users on Reddit and confirmed in an updated Netflix support page (via Android Authority), which now states that the streaming service no longer supports casting from mobile devices...
Read Full Article71 comments
iphone air camera

iPhone Air Flop Sparks Industry Retreat From Ultra-Thin Phones

Thursday November 27, 2025 3:14 am PST by
Apple's disappointing iPhone Air sales are causing major Chinese mobile vendors to scrap or freeze their own ultra-thin phone projects, according to reports coming out of Asia. Since the ‌iPhone Air‌ launched in September, there have been reports of poor sales and manufacturing cuts, while Apple's supply chain has scaled back shipments and production. Apple supplier Foxconn has...
Read Full Article247 comments
studio display purple february

M5 iPad Pro Could Hint at New Studio Display Feature

Sunday November 30, 2025 10:30 am PST by
The updated specs of the M5 iPad Pro may point toward a major new feature for Apple's next-generation Studio Display expected in early 2026. Apple's latest iPad Pro debuted last month and contains one display-related change that stands out: it can now drive external monitors at up to 120Hz with Adaptive Sync. The feature should deliver lower latency, smoother motion, and fewer visual...
Read Full Article47 comments

Top Rated Comments

TheYayAreaLiving ?️ Avatar
TheYayAreaLiving ?️
55 months ago
I don't think anyone is happy with Apple. Apple needs to step it up.

Security, privacy and being able to fix bugs should be the top priority for Apple.
Score: 26 Votes (Like | Disagree)
rgeneral Avatar
rgeneral
55 months ago
In today's world, security should be given the highest priority like the design of products.
Score: 24 Votes (Like | Disagree)
Shirasaki Avatar
Shirasaki
55 months ago
Apple wants a more locked down system but reluctant to pay researchers that help achieving the goal. I have no idea what Apple is actually thinking now.

Maybe several high profile mass exploits would let Apple rethink their strategies. Or, maybe Apple just cave and build their own backdoors.

What a year we are living in.
Score: 23 Votes (Like | Disagree)
dguisinger Avatar
dguisinger
55 months ago
Good God, people are defending Apple on this one?

People are spending hundreds of hours of their own time (or thousands) searching for individual security holes and showing how to exploit them, and you think they don't deserve compensation (which is an industry norm at this point) for finding it and reporting it out to the vendor?

How many of you waste hundreds of hours doing what is basically your fulltime job without getting paid?
Score: 21 Votes (Like | Disagree)
xxray Avatar
xxray
55 months ago
Who isn't unhappy with Apple lately? Rough year for the McIntosh.
Score: 17 Votes (Like | Disagree)
Spizike9 Avatar
Spizike9
55 months ago
It’s very simple. If you don’t like the way Apple does it then don’t find their bugs. Eventually there will be some bad exploits and Apple will start paying more for the good guys to find their flaws.
Score: 17 Votes (Like | Disagree)
Read All Comments