Apple Will Pay You Up To RM800,000 To Hack Into Their Systems
The first bug bounty programme by the company.
By John Lim — 05 Aug 2016, 09:40 AM
Tech giant Apple is launching a new bug bounty program that'll offer some serious moolah to hackers and researchers who can find faults in iOS and iCloud
Head of Apple security, Ivan Krstic, said the company will pay bug bounties - up to USD200,000 (RM806,000) - to researchers who find and report vulnerabilities in specific Apple software.
"We are pleased to announce an Apple security bounty program," Krstic said during a talk at the Black Hat cybersecurity conference in Las Vegas. He also offered technical details on Apple's approach to safeguarding user data.
The given bounty will depend on the type of exploits or bugs found, with the highest payout for vulnerabilities in iOS devices
The categories and types of bounties are as follows:
- Secure boot firmware components – up to USD200,000 (RM806,000)
- Extraction of confidential material protected by the Secure Enclave Processor – up to USD100,000 (RM403,000)
- Execution of arbitrary code with kernel privileges – up to USD50,000 (RM201,000)
- Unauthorized access to iCloud account data on Apple servers – up to USD50,000 (RM201,000)
The program is currently on an invite-only basis, but the company is hoping to open it up to the public soon. As for the cash offer, winners can choose to accept it or donate it to charity.
Speaking to Mashable, Apple may reward researchers or hackers who can outline faults not stated in the outline. The tech giant also said it has no plans to make the initiative exclusive, saying that it will be open to public eventually.
However, those are who are not invited are still welcome to disclose any vulnerability to the company.
The long-awaited move comes as other major companies have embraced bug bounties by paying out to those who find loopholes in their products and services
Amazon and Microsoft have programs that financially reward hackers for privately reporting serious flaws. Google, famed for its bounty programs, have paid out more than USD550,000 in bounties last year.
Recently, the Cupertino-based company fought a much-publicised battle with the FBI over access to a shooter’s iPhone
Apple refused on the grounds that though it wasn't an impossible task to hack the shooter's phone, it was nonetheless morally indefensible. The FBI later hired professional hackers to break into the device - supposedly paying out more than USD1 million for their services.
zdnet.com