LONDON: If you are a hacker and penetration into the security is your piece of cake then Apple Computers Inc. has something for you to offer by its bug bounty program.
Bug bounty program is an opportunity for people to look for any issue, error or vulnerability in to a software, which is usually offered by companies so they can fix them to avoid getting hacked. The person who finds a the vulnerability is given a large sum of money.
Apple is late to offer such program since companies such as Google has been running bug bounty program for several years.
Ivan Krstic, Apple’s head of security engineering and architecture, made an announcement at Black Hat conference on Thursday that the company will launch a reward structure in September.
While talking to the crown at Black Hat Krstic said,
We’ve had great help from researchers like you in improving iOS security all along, feedback that we’ve heard pretty consistently both from my team at Apple and also from researchers directly is that it’s getting increasingly more difficult to find some of those most critical types of security vulnerabilities. So the Apple Security Bounty Program is going to reward researchers who actually share critical vulnerabilities with Apple.
For discovering vulnerabilities in Apple’s secure boot component, Apple will reward upto $200,000. Compare the reward to other companies, Microsoft offers $100,000 for discovering vulnerability in Windows 10.
More Reward by Apple
In addition to the $200,000 reward, Apple is offering.
Up to $100,000 for extraction of confidential material protected by the Secure Enclave Processor
Up to $50,000 for executions of arbitrary code with kernel priveleges
Up to $50,000 for access to iCloud content data on Apple’s servers (celebrity photo leaks)
And up to $25,000 for access from a sandboxed process to user data outside of that sandboxed process.
As the saying goes “better late than never”, Apple is late in bug bounty program but they are the one offering the highest bid for bug hunting.