Apple says it will pay $1 million to any researcher or ethical hacker who can successfully break into an iPhone by exposing the vulnerabilities in the device software. This is a big bug bounty as compared to the offerings by other tech companies who are offering similar task but with smaller reward.
Apple announced this highest bounty at the annual Black Hat security conference in Las Vegas in August 2019.
Black Hat is the technical and information security event series in the world happening for more than 20 years. The event have provided attendees with latest information in security research, development, and trends in a strictly vendor-neutral environment. The Black Hat conference is attended by a lot of security researchers and ethical hackers from all over the world who attempt to hack the computer systems of companies and governments in a legal way to expose vulnerabilities. The identified loopholes then need to be fixed to prevent outside attackers from breaking into systems and devices.
Apple started offering bounty of up to $200,000 in year 2016 to researchers and ethical hackers for critical bug reporting. Apple’s Head of Security Engineering and Architecture, Ivan Krstic said since that time, the Apple bounty program had received 50+ useful bug reports.
Bounty the hackers receive will depends upon the severity level of the bug they found. To Earn $1 million the hacker must have to find a loophole or a hack to the kernel of the operating system. Kernel is considered as the most secure and important layer of an operating system, if someone gets access to the kernel then all the hardware/software components can be controlled in most of the cases. In addition to $1 million Apple is offering additional fifty percent if the bug is found in pre-release of software version making overall bounty to hefty amount of $1.5 million.
On the other hand Microsoft had paid researchers more than $4.4 million in bounty rewards during the past year for identifying security flaws.