Apple expanded the size of the security bug detection program to receive bonuses, including macOS, a maximum bonus of $ 1 million
Security researchers have, are, and will find a vulnerability in macOS that will be awarded by Apple in the near future.
In the framework of the Black Hat conference taking place in Las Vegas, USA, Cupertino giant has officially announced that it will expand the scale of security bug detection programs to receive current bonuses to ensure the interests of the Security researchers involved in seeking vulnerabilities in the company's software systems. Instead of only applying to iOS as at the present time, the bonus security detection program can also be applied with macOS, tvOS, watchOS and iCloud in the near future.
- The fate of the smartphones in the second hand market: Removed to every detail, can restore data to steal information
Previously, the bonus security detection program was only applied to iOS
In addition, the bonus will be raised to a maximum of $ 1 million for serious vulnerabilities, such as security flaws, which could lead to an attack on executing the entire kernel code, zero-click .
Apple started deploying a security bug detection program that received bonuses three years ago and only applies to iOS. As the name suggests, security researchers will be paid for any vulnerabilities they find in Apple's mobile operating system and provide complete information for the apples. More or less bonuses will depend on the severity and complexity of the vulnerability.
Although it is also an important product of Apple and possesses a large number of users worldwide, strangely, the security bug finder program has never been applied to macOS. This makes the macOS developer community unhappy. They felt that the effort they spent was overlooked, and after three years, Apple also had to listen to the community. Apple's bug pay program, after being scaled up, will almost certainly be applied to macOS - a slightly late but necessary move!
- Apple, Google, Microsoft, Facebook and Twitter will join a large-scale shared data project
Apple should still further enhance the bonus level for security flaws discovered and reported
In addition, iCloud, tvOS, iPadOS and watchOS will most likely be included in the list of bonus security programs that receive bonuses. Apple is currently extremely interested in optimizing its software products in the direction of utilizing the potential from the outside. Apple's bounty for security researchers is currently at a maximum of $ 200,000 for particularly serious vulnerabilities, but is expected to increase fivefold to $ 1 million in time. next.
For example, if you find an iOS vulnerability that allows an attacker to control the phone without any user interaction, the amount equivalent to about 23 billion will belong to you!
Scaling up the bonus security program to receive bonuses is a necessary move, showing Apple's interest in contributions from resources outside the internal system, and can help convince Many security researchers participated in reporting more vulnerabilities in Apple software, from which product quality and user experience will be significantly improved.
- New policy: Authorized centers of Apple in Vietnam only accept warranty devices with purchase invoices
However, according to experts, in the coming time, Apple should still improve the bonus level for security errors discovered and reported. The $ 1 million bonus with a particularly serious security error is not trivial, but security bugs of this type are often more valuable when sold on the black market. That is the problem that Apple must seriously consider.
In the past few years, bonus security security programs are being used by many large software development companies to make the most of human resources outside the system, thereby optimizing products. I can mention such as Apple, Microsoft, Facebook and Apple .
- iPhone 4S, iPhone 5, iPad 2 suddenly received a new iOS update to fix the error showing the wrong date and time
"Security hole hunter" is one of the emerging industries, receiving much attention
It is also thanks to these types of programs that a new type of career has been formed in the field of security, it can be understood that the profession is "hunting the system error". In a nutshell, this is how it should be replicated. It benefits not only software developers, free security researchers, but also users because the end product becomes more user-friendly and secure.
You should read it
- Apple announced a new, more diverse level of security bug detection bonus
- You will receive $ 7000 right from OnePlus if you do this
- Tor opens the Bug Bounty program to find a bug to receive a bonus
- Microsoft issued a warning about macOS security errors, urging users to update the software immediately
- This is the first hacker into millionaires thanks to hunting bonuses from security errors and he is only 19 years old
- Apple promises to upgrade security for iCloud in the next 2 weeks
- Apple released iOS 11.3, macOS 10.13.4, tvOS 11.3 and watchOS 4.3
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonus
- Apple fixes many important bugs on MacOS X
- IBM developed a new technology to patch security holes
- Protect iPhone, iPad before iCloud security hole
- Apple blocked 25 vulnerabilities in Mac OS X
Maybe you are interested
iPhone security tips you're missing out on
This list of common passwords shows how little we understand about online security
Download free Windows Server 2025 security guide
5 Misconceptions About Password Security
Should I buy a USB, Bluetooth or NFC security key?
4 Security Steps to Follow When Using Remote Access Applications