Now, you can earn $1.5 million for hacking Apple devices
In a major move, Apple has increased the scope and reward of its bug bounty program to fend off potential threat actors and protect its customers. The program was previously restricted to iOS devices. But now, you can bag a reward for discovering/reporting an issue on any Apple product, from iPhone to Mac. Here's all about the upgraded program and the increased reward.
Apple's improved bug bounty program
Apple has long been running bug bounty program to reward researchers flagging/reporting security flaws (and their exploits) in its products. However, the iOS-specific scheme was based on invitation, which meant only select security researchers could take part. Now, the company is changing this by opening the program to all researchers and considering iOS, macOS, tvOS, watchOS, and iCloud bug reports for the cash reward.
Plus, the maximum payout has been increased to $1 million
Along with the scope of its bug bounty program, Apple has also increased the maximum cash payout security researchers flagging bugs would be eligible to receive. Previously, researchers could bag up to $200,000/exploit, but now, that has been increased to $1 million. So, if you manage to flag a high-risk vulnerability in any Apple product, the company would pay you a hefty sum.
Some hard work needed to bag maximum payout
While the new payout increase sounds tempting, it is imperative to note that you'd have to do some hard work to get that amount. Specifically, Apple says, a researcher would have to report fresh 'zero-click kernel code execution with persistence' to bag the $1 million reward. Plus, this issue would have to leave a critical impact on Apple's latest hardware and software.
Additional 50% bonus also possible
In addition to the maximum payout, you could also bag a 50% bonus, which is up to $500,000. However, for this reward, you'd either have to find a regression bug, which is an issue that pops up again after being fixed, or a beta release flaw, as it will help the company fix the glitch before releasing it to the public.
Apple's move finally addresses concerns of white hat hackers
Apple's move finally addresses the concerns of white hat hackers who had been complaining about the limited scope of its bug bounty program. Essentially, the inclusion of other Apple platforms and a bigger reward would keep all security researchers motivated to find and report the bug to the Cupertino giant instead of selling it to brokers on the dark web.
