Apple Offers Bounty

 


Yes, Apple is offering a bounty of UP TO $200k to expose vulnerabilities within its own products. While that may seem a lot (it would probably take me three years to come by that honestly), I can assure you that to Apple it’s mere pocket change. That’s also the maximum. The bounties start at as little as $25k. This announcement was made yesterday at a Black Hat security conference in Las Vegas by the head of security engineering and architecture at Apple, Ivan Krstić.

This is also a closed program (Apple has better control of leaks that way) but anyone can submit flaws as long as they can prove them. They must have a “working proof of concept” and “disclosure must be coordinated with Apple”. Of course it does. This kind of money really seems to be peanuts compared to what would be available if the exploit was sold to a third party. I’m sure the Chinese would be interested, as well as many others. Timmy didn’t think this through. It would appear that he thinks the Blackhats would come to him when others have already paid out (or offered) millions for iOS exploits and jailbreaks. Just look to the San Bernardino terrorist fiasco and the rumoured $1 000 000 the FBI paid out for that hack. Remember… the only way to make an iPhone closely resemble a smartphone in functionality is to make it completely worthless (security wise) by jailbreaking it. The bounty program will begin next month with a select few people that Apple has used before.

I think Apple is desperately trying to appear as if they are actively trying to do something about security. If they really cared about the private information that their users shuffle through their clouds and servers, they would have taken an approach more like the one BlackBerry has with DTEK and securing Android.

nnik

Love the outdoors, animals and repurposing old stuff

  • Nayalm

    $200K?!?!?
    CrApple the proprietor expecting results by offering to pay far freaking less than the black market or the deep web? Talk about stupidity at its finest.
    To add insult to injury: you have been providing evidence that you no longer have a clue what iOS has become or is doing.
    Since you brought Mr. Dan Dodge back from retirement, let him help you make a deal with BlackBerry: licensing BB10 and transitioning to BB10 before becoming a subsidiary of Google or Facebook.
    CrApple stop acting surprised to be handcuffed to a dead hooker!!!

  • Anthony

    Going by the way some people talk about Apple vulnerabilities on this website, Apple’s 100 billion war chest should be drained in a month.
