Three years ago, Apple debuted its first bug bounty program for iOS devices. Many researchers criticized the tech giants decisions for not including macOS and other Apple platforms.
It appears Apple has finally listened to developers and security experts who were previously pointing out macOS vulnerabilities for free. At the ongoing Black Hat 2019 conference in USA, Apple announced that it is expanding its bug bounty program to macOS, tvOS, watchOS, and iCloud.
On top of that, the bug bounty program will include rewards up to $1 million for a zero-click, full chain kernel code execution attack. Previously, the maximum reward limit was up to $200,000 per exploit.
Under the updated Apple’s bug bounty program, researchers can claim a 50% bonus if the vulnerability is reported in the pre-release build. The bounty program will be available to security experts later this year.
For many security researchers, bug bounty programs have been significant motivations to report flaws to tech companies. In fact, ethical hackers aged as low as 19-years have made millions from these programs. However, some have refused to submit macOS flaws to Apple since there was no bounty to start with.
If you think about it, security researchers are also right on their part. Tech companies like Google and Apple already have top-class researchers working on vulnerabilities day and night.
Whereas an ethical hacker with a few resources, sitting in his do ..
Support the originator by clicking the read the rest link below.
