Apple announced three years ago that it would be offering cash bounties of up to $200,000 to researchers who discover vulnerabilities in its products especially the iPhone. The bug bounty program was open only to researchers who have previously made “valuable vulnerability disclosures” to the company.
Now, changes have been made to the program and it introduces a new million-dollar reward for anyone who can hack into the core of Apple’s iOS operating system and gain control of an iPhone without requiring any user interaction.
Additionally, there is $500,000 to be given to those who can find a “network attack requiring no user interaction.” Also, if you can come across any vulnerability in a beta version of Apple’s software before it launches, then you are sure to receive a 50% bonus.
To the effect, Apple says that it is expanding the bug bounty program to its other platforms such as macOS, tvOS, and watchOS, the software that powers its Mac, Apple TV, and Apple Watch products.
The announcement comes at a time when data breaches are becoming a hot topic across the technology industry. The share and sale of user data is now a point of concern for almost every company with a number of big names already implicated for being on the wrong side of the law.
At the 2019 WWDC, Apple took the secure path and unveiled a new privacy-focused technology while adding the ability to use a ‘Sign in with Apple’ button on websites and apps.
Users will be able to choose which apps get what information. If one doesn’t want to provide their e-mail address to an app or website, Apple will instead offer a ‘relay’ address instead, which is a randomized address that will forward information from sites and apps to people’s real e-mail accounts.
