Sunday, August 7, 2016

Apple Sike iOS9.3.3 jailbreak vulnerabilities $ 200,000 Reward

Apple Sike iOS9.3.3 jailbreak vulnerabilities $ 200,000 Reward

In this year's Black Hat security conference Apple engineer Chris Dick Ivan (Ivan Krstic) announced the launch of the vulnerability reward program, Apple will give any individual found in major bug in Apple's software security vulnerabilities and provide incentives.
In fact, present, many large technology companies such as Google and Microsoft have found loopholes incentive scheme to encourage people to have the ability to detect significant vulnerabilities and reporting software systems that exist and the like. For example, Google announced last month that the company last year to find Android researcher software vulnerabilities pay a total of $ 550,000 in prize money. Facebook also said in February this year, starting in 2011, the company's total vulnerability reward program paid more than $ 4.3 million prize money to the Global 800 researchers. But Apple is only recently announced a similar reward.

Participated in this year's Black Hat Conference Cydia father Saurik (Jay Freeman) on his Twitter update this message, he said that Apple also promised a priority push updates.

According to foreign media reports, Apple introduced this vulnerability reward program also proved that they want to learn to hackers, researchers, cryptographers, and many want to help enhance Apple's software human system is open to welcome these people to help find more vulnerabilities and problems.

Depending on the problem and the vulnerability researchers found that Apple will provide up to up to $ 200,000 reward. If a problem is found safe boot firmware subassemblies, researchers can get $ 200,000 bonus, but if it is a small loophole, such as access issues sandbox sandbox user data through the process, can only get $ 25,000 bonus .

Although Apple has described the discovery of the maximum award amount of different types of vulnerabilities that can be obtained, but they will still be determined by the following factors ultimately how much reward vulnerability discoverer should receive: Vulnerability reported clarity; new found problems To the extent of user interaction vulnerabilities affect desired; extent and therefore the possibility of users affected.

Apple plans starting this year in September officially launched their vulnerability rewards program. Researchers If you want to get the bonus, then, in addition to discover vulnerabilities, it must also provide proof of concept in the latest version of iOS and the latest hardware. Apple also will also encourage researchers to get their money out of donations for charity, and Apple will make the appropriate matching donation activities in accordance with the developer's donation.

Apple is currently the vulnerability reward program is by invitation only, they only invited more than a dozen researchers involved in the program. Apple said that with the development and expansion of the program, they will be more open to attract more researchers, if uninvited individuals found significant gaps, he will be invited to participate in the program.
Tags: iOS9.3.3  jailbreak
Post a Comment