Related Articles
Apple has reopened its previously closed bug bounty program, that offered handsome rewards to anyone who identifies a bug in Apple's software. The recent program was started in 2016 and the public was allowed to find bugs and report them to the Apple Product Security which in turn will pay the bug hunters a lucrative amount depending on the flaw they discovered. Cupertino giant closed the program after some time.
Since the public bug bounty program was closed, only an invitation based program was running for selected security researchers only and was accepting only iOS security bugs. But now, the company has reinitiated the public bug bounty program with lucrative rewards. Now, Apple will accept vulnerability reports for a wider spectrum of products including iPadOS, macOS, tvOS, watchOS, and iCloud.
Previously, the maximum amount for major flaws was $200,000 which is now increased to a whopping $1500,000. Yes, one can become a millionaire by finding the most complex and severe bug in the aforementioned Apple products. The company has published a set of rules on their official page for anyone who is interested to take part in the public bug bounty program.
The rules are strict, because the reward is bigger. To be able to get heavy bounty and bonuses, the researchers must submit a clear and concrete report regarding the bug they discovered, the reports must include: ● A detailed description of the issues being reported. ● Any prerequisites and steps to get the system to an impacted state. ● A reasonably reliable exploit for the issue being reported. ● Enough information for Apple to be able to reasonably reproduce the issue.
Vulnerabilities found in beta releases are also highly prized. Apple is not the first tech company to offer this kind of bug bounty program for the general public, its biggest competitor and tech giant Google is also known for introducing such programs and offers attractive rewards to researchers and ethical hackers. With increasing privacy breach and data theft concerns, Facebook is also reportedly planning to launch a similar program.
