Apple Inc offers $200,000 worth cash rewards for finding security bugs

The latest plan comes just ahead of the Black Hat security conference in Las Vegas.  - Sakshi Post

New York: Apple Inc is planning plans to offer rewards of up to $200,000 to researchers who find critical cyber security bugs in its products. It’s a natural practice in the technology sector as several companies generally offer payments or cash rewards for uncovering flaws in their products.

According to a report by Reuters, the maker of iPhones and iPads is offering cash rewards including some of the biggest bounties offered to date. The latest plan comes just ahead of the Black Hat security conference in Las Vegas. Apple will invite about two dozen researchers to help identify hard-to-uncover security bugs in five specific categories.

Apple will invite about two dozen researchers to help identify hard-to-uncover security bugs in five specific categories.So far IT majors such as AT&T, Facebook, Google, Microsoft, Tesla Motors and Yahoo have been offering rewards and incentives for those who find bugs in their products and services.Microsoft announced $1.5 million in rewards to security researchers since it launched its program three years ago.  

So far IT majors such as AT&T, Facebook, Google, Microsoft, Tesla Motors and Yahoo have been offering rewards and incentives for those who find bugs in their products and services.

Microsoft announced $1.5 million in rewards to security researchers since it launched its program three years ago. It also offers rewards for identifying very specific types of bugs. Its two biggest payouts have been for $100,000 each.

These researchers have been selected from the group of experts who have previously helped Apple identify bugs, but have not been compensated for that work.

The most lucrative category, which offers rewards of up to $200,000, is for bugs in Apple’s ‘secure boot’ firmware for preventing unauthorized programs from launching when an iOS device is powered up.

Apple said it decided to limit the scope of the program at the advice of other companies that have previously launched bounty programs. According to Apple, if reseachers were to do it again, they would start by inviting a small list of researchers to join, then gradually open it up over time. Security analyst opine that limiting participation would save Apple from dealing with a deluge of low-value bug reports.

Facebook, for example, has an open program that offers rewards for a wide-range of vulnerabilities. It has paid out more than $4 million over the past five years, with last year’s average payment at $1,780. In March, Facebook paid $10,000 to a 10-year-old boy in Finland who found a way to delete user comments from Instagram accounts.



Read More:

Advertisement
Back to Top