Apple offers record ‘bounty’ to researchers who find iPhone security flaws

FILE PHOTO: The numerous colours of newly launched Apple iPhone XR are seen following the product launch occasion on the Steve Jobs Theater in Cupertino, California, U.S. September 12, 2018. REUTERS/Stephen Lam/File Photo

LAS VEGAS (Reuters) – Apple Inc is providing cyber security researchers up to $1 million to detect flaws in iPhones, the most important reward provided by an organization to defend in opposition to hackers, at a time of rising concern about governments breaking into the cellular units of dissidents, journalists and human rights advocates.

Unlike different know-how suppliers, Apple beforehand provided rewards solely to invited researchers who tried to find flaws in its telephones and cloud backups.

At the annual Black Hat security convention in Las Vegas on Thursday, the corporate mentioned it will open the method to all researchers, add Mac software program and different targets, and supply a spread of rewards, referred to as “bounties,” for essentially the most vital findings.

The $1 million prize would apply solely to distant entry to the iPhone kernel with none motion from the telephone’s consumer. Apple’s earlier highest bounty was $200,000 for pleasant reviews of bugs that may then be mounted with software program updates and never go away them uncovered to criminals or spies.

Government contractors and brokers have paid as a lot as $2 million for the best hacking methods to receive info from units. Apple’s new bounties, nonetheless, are in the identical vary as some revealed costs from contractors.

Apple is taking different steps to make analysis simpler, together with providing a modified telephone that has some security measures disabled. A principal element of breaches is packages that reap the benefits of in any other case unknown flaws within the telephones, their software program or put in functions.

Quite a few non-public corporations, comparable to Israel’s NSO Group, promote hacking capabilities to governments.

“NSO Group develops technology that is licensed to intelligence and law enforcement agencies for the sole purpose of preventing and investigating terror and crime,” NSO mentioned in an announcement. “It is not a tool to target journalists for doing their job or to silence critics.”

Reporting by Joseph Menn; enhancing by Grant McCool

Our Standards:The Thomson Reuters Trust Principles.

http://feeds.reuters.com/~r/reuters/technologyNews/~3/NZOIa4CuDPc/apple-offers-record-bounty-to-researchers-who-find-iphone-security-flaws-idUSKCN1UY2OA

Leave a Reply