Since it is turning on About a decade before the Bug Bounty program, Apple has always reflected the most significant payment – $ 200,000 in 2016 and $ 1 million in 2019. Now the company is raising this part again. Apple Vice President Ivan, a security engineering and architecture at the Hexacon aggressive protection conference in Paris on Friday, announced a new maximum $ 2 million for the exploitation of software that could be tortured for the Cristian Spywear.
This step reflects on how valuable exploitative weaknesses can be in Apple’s high -protected mobile environment – and the length that the agency will do for these national discoveries is not wrong. In addition to the distinctive payment, the company’s bug bounty also includes a bonus structure, adding additional rewards for absorption that can bypass its overdue lockdown mode as well as the Apple software is still invented at its beta examination phase. Taken together, otherwise the most likely disaster absorbing chain will be the maximum award of 5 million dollars now. The changes are implemented next month.
“We are alignment here for paying many million dollars, and there is a reason for that,” Crestie told Wired. “We want to make sure that the most difficult categories, the most difficult problems, the things we see with tenant spyware that the most closely mirrors that we see – the researchers that have acquired that skill and skills and have kept that effort and time can receive an extraordinary reward.”
Apple says that its devices are more than 2.35 billion in the world. The company’s bug grace is basically an invitation program for prominent researchers, but since opening to the public in 2021, Apple has said that it has given more than $ 1 million award to more than $ 1 million researchers. Top-dolar payments are very rare, but Crestie says that in recent years the company has provided multiple $ 500,000.
In addition to the high potential rewards, Apple is also expanding the Bug Bounty categories to incorporate the wireless close absorption of any type of radio, in addition to absorbing the browser infrastructure. And there is a new offer that is known as “target flags” that flag hacking competitions contain the concept of capture in the real-world test of Apple’s software so that researchers help to exhibit their exploitation skills quickly and precisely.
Apple’s Bug grace is one of the many long -term investments to reduce the prevalence of dangerous weakness or to block their exploitation. For example, after working for more than five years, the company announced a protection at the new iPhone 17 lineup last month, which aims to cancel the most frequently exploited class of iOS bugs. Known as Memory Integrity Enforcement, the feature is a big swing that is aiming to protect a small minority of the world’s most vulnerable and highly target groups – while adding defense for all users of new devices, including workers, journalists and politicians. To that end, the company announced Friday that they would donate a thousand iPhone 17S to the right groups that work with people who are facing target digital attacks.
“You can say, well, it seems to be a very big effort to protect very few users who are being targeted by hired spyware, but these technologies are constantly abused by journalists, technology agencies and civil society agencies that these technologies are constantly abused,” Crest said. “And we feel a great moral obligation to protect these users. Despite the majority of our users that would not be noticed by anything like this, the work we have done will finish growing protection for everyone.”