If you can pull off a very specific iPhone hack, Apple has a million dollars for you.
Apple announced a big changes to its bug-bounty program it launched in 2016. The biggest is a new $1 million reward if you find a very specific exploit.
The $1 million will go to security researchers (or group of researchers) that are able to carry out a “zero-click full chain kernel execution attack with persistence,” Techcrunch reports.
If you don’t know what that is, don’t worry. It’s an attack that would result in the hacker getting to the core of Apple’s operating system, iOS, and gaining control of the iPhone in question without any user interaction. If someone (or several someones) are able to pull the hack off and share how they did with Apple, they’ll get $1 million.
The new challenge was presented by Apple during the Black Hat cybersecurity conference being held in Las Vegas this week. Black Hat is currently the world’s leading information security event. Held in Las Vegas, the week starts with four days of technical training. followed by a two-day main conference. The conference ended yesterday on August 8th.
Beyond the new top prize, Apple also announced that it’s extending the bug-bounty program to include not just iOS, but also macOS, tvOS, and watchOS.
In the past, hackers have reportedly refused to alert Apple to security bugs without receiving any kind of bounty. By offering a cash prize for those platforms as well as iPhone, the company is setting itself up to potentially be able to work better with the hackers and security researchers that typically search for and find exploits.
The bug bounty program, which was previously invite-only, is also now available to any researchers that would like to participate, which should widen the number of people looking for those issues. Additionally, Apple will be offering a 50% bonus to any researcher that is able to find an exploit in the beta or developer preview version of the operating system prior to its public release.
That $1 million is a pretty substantial prize. The bounty is the largest reward being offered by a major tech company and is a dramatic increase from the top reward of $200,000 previously offered by Apple for finding exploits in iOS.
Apple’s new bug-bounty programs are expected to become available later this year.
Related Posts
OnePlus 15T leak spills details on a curious camera situation
According to the Chinese tipster Digital Chat Station (via Weibo), a "small-screen phone powered by the Snapdragon 8E5 is ready," translated from simplified Chinese. This phone, believed to be the OnePlus 15T, could feature a dual-camera setup "with a 50MP main sensor and a 50MP telephoto lens."
WhatsApp has begun testing a long-overdue group chat feature
The Meta-owned messaging platform is testing a new feature called "group chat history sharing" (via a WABetaInfo report). As the name suggests, the feature lets a WhatsApp user (likely the admin) share the chat history (up to 100 messages sent within 14 days) with someone while adding them to a group.
Google Photos introduces a fun new way to turn yourself into a meme
According to a recent post on Google's support forums, Me Meme is a generative AI feature that lets you star in trending memes using a template and a photo of yourself. It's rolling out in Google Photos for Android in the US, and you can try it out by tapping the "Create" button and selecting the new "Me meme" option.