At the Black Hat conference held last week, an annual event created for the InfoSec community, Ivan Krstic, engineer Apple chief security, announced the launch of a new program with which the Cupertino paid to people who discover bugs and vulnerabilities of important security software company. How much? For no less than $ 200,000.
This is the first time that Apple pays for finding such bugs, but it is not a new program. Other companies responsible for major operating systems such as Google (Android) and Microsoft (Windows), have already launched their programs “bounty bug” with those who pay large sums of money to any user who finds such failures in their operating systems.
Find vulnerabilities in software Apple has prize
The new program bug bounty Apple is part of the company ‘s effort to open to hackers, security researchers and cryptographers who want to help improve the safety of the company.
The prize of $ 200,000 would not take any discovery, but it is the most you will pay the Cupertino to find security flaws in its software. Thus, the fifth of a million dollars will take the discoverers of failures firmware components Secure boot , while smaller vulnerabilities, such as access from a process sandbox to user data outside the sandbox will receive “only” $ 25,000.
The new program will launch sometime in September , just the month that iOS 10 will be released officially.Remember that the next version of iOS, at least in the current betas, the kernel does not have encryption. Apple, like other security specialists, says that security will not be compromised and thus find and correct security flaws sooner.
The best example is Ubuntu, safer than iOS system and the kernel does not have encryption. They have also promised to launch more updates, which undoubtedly not please fans of the jailbreak.