Apple plans to pay cash rewards to security experts who find flaws in its software.
(CCM) — Apple aims to make life harder for hackers and jailbreakers by establishing a bug bounty program, the company announced at the Black Hat hacking conference in Las Vegas yesterday. The company will pay cash rewards to security researchers who find and report bugs in its software so that the company can fix them before hackers have a chance to find and exploit them. By offering the rewards, Apple hopes to make it more worthwhile for researchers to spend time scrutinizing its code. The bounties on offer include payments of up to $50,000 for bugs that provide access to iCloud data, up to $100,000 for vulnerabilities that allow extraction of data from Apple's Secure Enclave, and up to $200,000 for bugs in the core firmware running on Apple devices.
Bug bounty programs have become an increasingly common way for organizations to raise the security of their software, and companies like Amazon, Facebook, Google, and Twitter already have well-established ones. Apple's program will launch in September, and the company is encouraging researchers to give any bounties they earn to charity by promising to match their donations. Although initially it will only be open by invitation, the company plans to expand the program to more people in the future.
Image: © Andrey Bayda - Shutterstock.com