The California based company Apple has now decided to offer up to $1 million for hacking the iPhone. Not only this but also the hackers need to reveal how did they do so. The bounty program which was announced by the maker of the iPhone at the annual Black hacker convention which was held in Las Vegas on the last Thursday is the biggest ever payout of the company. Not only this but also it is Apple’s five times bigger than its last largest payout. This is because earlier, the company had limited its bug bounty program to a limited list of friendly hackers. But now the company has removed the limitation and it has now announced reward money to the one who will be successful in hacking. Having said that Apple will only pay the highest prize t0 a particular hack. After hacking the hackers will also have to show how they are able to gain the remote access to the deep core of iOS software of Apple without needing the target, the iPhone user to take any action.
Bug bounty program which we have mentioned above has become very popular these days for which many companies are inviting the professional hackers to find some sort of vulnerabilities in their system. These programs work as a way to prevent criminals from hacking as well as making the misuse of the information.
A bug bounty program is also called a vulnerability rewards programs, commonly known as VRP. This program is basically a crowdsourcing initiative which hackers for finding as well as reporting software bugs. The bug bounty programs are only used for supplementing internal code audits and finding out the company’s vulnerability management strategy. This time Apple is also doing the same.
Finding out such kind of vulnerabilities in the most commonly used smartphones of the world are highly rewarded on the vulnerability market. So the initiative was taken by Apple for rewarding $1 million rewards is also included in the line and they would pay for finding out the bug.
Many private sector companies are making tools to access the iPhone. Not only private sector companies but also the government organisations are doing the same thing. The secretive cybersecurity company (NSO) Group of Israel, as well as various other government departments, have paid more than $2 million for making a tool which can remotely access an iPhone.
Repressive governments are working hard and are eagerly searching ways the digital lives of the people, political opponents as well as journalists. In the past few years, arising grey market which is being dominated by shadow companies that are engaged in selling tools to do the things which are exploded. And Apple’s new of rewarding $1 million is a way to prevent those tools from going into the wrong hands.
The reports also say that a Saudi Arabia dissident ho is now living abroad and a well-known YouTuber named Ghanem Almasarir were found using an iPhone spying tool which was designed by NSO Group after the incident of the brutal torture as well as the murder of journalist Jamal Khashoggi.
Not only this but also a group of professional hackers are working on the Project Zero program of Google and they have discovered a cache of flows in the software used by Apple. This cache of flows will easily allow the hackers in gaining access to the iPhone by sending the user a message.
But Google did not misuse it and secretly shared all the details with the California based company. Apple then fixed all the flaws before the news went viral which would finally help the hackers to gain access to them.
Apple has also announced but its plan to extend the bug bounty program to include macOS, tvOS as well as watchOS.
In the past few years, hackers the professional hackers have constantly been confusing to alert Apple to security bugs without getting any sort of bounty. So by providing the prize money in the award form for those platforms and iPhone, Apple is finally planning to set up to collaborate with the hackers as well as security researchers who basically search exploits.
The bug bounty program was earlier invite only and now it is available to any researchers who are interested in participate and increase the number of people to look for the issue. Not only this but also the company will offer a 50% bonus to any researcher who will be able to find a problem in the developer preview version or beta version of the operating system before its release.
The $1 million prize money is a huge sum of the money. Earlier the company has rewarded $200000 for finding any sorts of exploits in iOS. The new bug bounty program of Apple is expected to be available at the end of the year.