Apple To Pay Out Up To $200,000 For Flaws In iOS, iCloud Code
by Laurie Sullivan @lauriesullivan, August 5, 2016
Apple is following in the footsteps of other tech and automotive companies by offering hackers $200,000 to find iOS and iCloud product flaws and holes in its code.
The bug bounty program is part of an industrywide sweep to find bugs in source code in an effort to prevent or to deter hackers from finding the vulnerabilities first.
Apple joins Facebook, Microsoft, Yahoo and Google, which have paid out millions of dollars over the years. Most recently, Uber and automotive giants like GM have jumped into the fray as more technology moves into cars.
Google’s bounty for Android is minor compared with Apple’s. Its winners get on average between $1,000 and $20,000 and their picture posted on the Hall of Fame. But Google’s bug hunters program also supports grants. Hunters can receive Vulnerability Research Grants like the one given to Nils Juenemann in 2015 for $2,674, which he donated to a secondary girl’s school in Tanzania.
Even the Federal Bureau of Investigation reportedly paid more than $1 million to a company that could hack a security feature in the iPhone 5S used by San Bernardino, California shooter Syed Rizwan Farook.
The “invitation only” program will pay out between $25,000 and $200,000, but could be much lower depending on the hole.
Those invited to apply for the program will need to provide a proof of content. Bounties will be based on how much interaction is required from the user to trigger the vulnerability, the severity of the exploit and how novel compared with previous issues, and the clarity in which the flaw is described.
Apple is following in the footsteps of other tech and automotive companies by offering hackers $ 200,000 to find iOS and iCloud product flaws and holes in its code. MediaPost.com: Search Marketing Daily
(21)