Apple offers $1m reward to researchers who find iPhone security flaws

2
791

LAS VEGAS: Apple Inc is offering cybersecurity researchers up to $1 million to detect flaws in iPhones, the largest reward offered by a company to defend against hackers, at a time of rising concern about governments breaking into the mobile devices of dissidents, journalists and human rights advocates.

Unlike other technology providers, Apple previously offered rewards only to invited researchers who tried to find flaws in its phones and cloud backups.

At the annual Black Hat security conference in Las Vegas on Thursday, the company said it would open the process to all researchers, add Mac software and other targets, and offer a range of rewards, called “bounties,” for the most significant findings.

The $1 million prize would apply only to remote access to the iPhone kernel without any action from the phone’s user. Apple’s previous highest bounty was $200,000 for friendly reports of bugs that can then be fixed with software updates and not leave them exposed to criminals or spies.

Government contractors and brokers have paid as much as $2 million for the most effective hacking techniques to obtain information from devices. Apple’s new bounties, however, are in the same range as some published prices from contractors.

Apple is taking other steps to make research easier, including offering a modified phone that has some security measures disabled. A principal component of breaches is programs that take advantage of otherwise unknown flaws in the phones, their software or installed applications.

A number of private companies, such as Israel’s NSO Group, sell hacking capabilities to governments.

“NSO Group develops technology that is licensed to intelligence and law enforcement agencies for the sole purpose of preventing and investigating terror and crime,” NSO said in a statement. “It is not a tool to target journalists for doing their job or to silence critics.”

2 COMMENTS

  1. iPhone by and large one of the most secured technology today in the industry. The question arises when iPhone is not present in most of the Middle East Region, developing region of the Middle East region where iPhone is merely present thru dealers, distributors, etc.
    With the network of Android 10 now upgraded which is the default system of Chinese devices, systems is not able to upgrade and provide a secured system.
    With the iPhone as I would say in Pakistan they don’t have an office, resident representative, which will over view the area towards the iPhone Security flaws. There is no official service shop, repai facility. All the repair service of iPhone by technician shops which buys junk iPhones reclaim their parts as Display, body, IOS, from a faulty phone. There is a likely possbility the iphones acquired from junk from world wide sources could trash iPhones. They are reclaimed by replacing the requied from body, to display, towards circuity, board, keyboard, all with 3 months, 6 months warranty. And I heard that it works.
    I’ve read iPhone is opening authorised/accredited service center, repair shops, licensed and they will be issued new parts, batteries, OS, and they will be able to issue a warranty of genuine parts, and the functioning of the repair iPhone. Secondly Qualcomm is not present in Pakistan.
    One of the best things to happen for iPhone/Apple to open its own Assembly line, and should grab the entire new era of 5G which is launched in Pakistan and under trails. I phone should test iPhone on 5G in Pakistan for which after undergoing thru the regulatory process, procedures, the phone trails would be allowed in Pakistan duly licensed and authorised for franchised assembly for domestic market i.e., Pakistan for export/marketing to the regional markets with bilateral treaty as China is the very friendly country, hence we can export iPhone if authorised to assemble in Pakistan can be easily exported to China and the rest of the world, subject to reciprocal trade agreements.

LEAVE A REPLY

Please enter your comment!
Please enter your name here