Facebook Instagram X-twitter Youtube

Lagos,Nigeria
Friday, April 19th, 2024

Search
Search
Close this search box.

Apple Offers Up To $200,000 Reward For Finding Security Bugs

No comment
Friday, August 5th, 2016
No comment
The Apple scheme will be limited to a small group of researchers before being gradually opened up. Photograph: Justin Sullivan/Getty Images
The Apple scheme will be limited to a small group of researchers before being gradually opened up.
Photograph: Justin Sullivan/Getty Images

 

Apple has said it plans to offer rewards of up to $200,000 to researchers who find critical security bugs in its products, joining dozens of firms that already offer payments for help uncovering flaws in their products.

The maker of iPhones and iPads provided Reuters with details of the plan, which includes some of the biggest bounties offered to date, ahead of unveiling it on Thursday at the Black Hat cyber security conference in Las Vegas.

The program will initially be limited to about two dozen researchers who Apple will invite to help identify hard-to-uncover security bugs in five specific categories.

Those researchers have been chosen from the group of experts who have previously helped Apple identify bugs, but have not been compensated for that work, the company said.

The most lucrative category, which offers rewards of up to $200,000, is for bugs in Apple’s “secure boot” firmware for preventing unauthorized programs from launching when an iOS device is powered up.

Apple said it decided to limit the scope of the program at the advice of other companies that have previously launched bounty programs.

Those companies said that if they were to do it again, they would start by inviting a small list of researchers to join, then gradually open it up over time, according to Apple.

Security analyst Rich Mogull said that limiting participation would save Apple from dealing with a deluge of “low-value” bug reports.

“Fully open programs can definitely take a lot of resources to manage,” he said.

Apple declined to say which firms provided advice.

Such rewards are currently offered by dozens of firms, including AT&T, Facebook, Google, Microsoft, Tesla Motors and Yahoo.

Microsoft, which has handed out $1.5m in rewards to security researchers since it launched its program three years ago, also offers rewards for identifying very specific types of bugs. Its two biggest payouts have been for $100,000 each.

Not all bounty programs are as focused as the ones from Apple and Microsoft.

Facebook, for example, has an open program that offers rewards for a wide-range of vulnerabilities. It has paid out more than $4m over the past five years, with last year’s average payment at $1,780.

In March, Facebook paid $10,000 to a 10-year-old boy in Finland who found a way to delete user comments from Instagram accounts.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Facebook Instagram X-twitter Youtube

About us

Above Whispers is a platform for those who want to have a mature engagement online. It is primarily, (but not exclusively) aimed at women, and will provide an opportunity for people to engage in discussions about a range of issues such as politics, social justice, development, financial security, women’s rights, health, entrepreneurship, popular culture, faith, parenting, relationships, and other relevant areas.



Above Whispers as a media company aggregates news and information from credible news website for our audience. We also publish our own original contents by our contributors and writers.

All curated stories have the name of the originating source specified.

This platform is an initiative of Bisi Adeleye-Fayemi
Copyright © 2022 - Above Whispers.com