Trending Now

Menu
Search
Headline
What are some things to do in Drenthe this weekend?
What are some things to do in Drenthe this weekend?
Column | It's not America
Column | It’s not America
Builders see new construction rebounding faster than expected
Paris Olympics Medal Count: Track Medals by Country in 2024
ASRock Shows First Slim Mini-ITX Motherboard for AM5 Socket Mini PCs – Computer – News
Nvidia working on RTX 3050 laptop with Ada Lovelace GPU from RTX 40 series – Computer – News
Brazilian farmer fined $47 million for Amazon deforestation
Pilot killed in Nepal plane crash, sole survivor
Platini not interested in Henry's team at Olympics - Football International
Platini not interested in Henry’s team at Olympics – Football International

Apple has paid 20 million bug bounties since 2019 and renews the platform – Computer – News

science
Courtney Horton

Apple has paid 20 million bug bounties since 2019 and renews the platform – Computer – News

Apple has paid nearly $20 million to security researchers through its bug bounty program so far. That started in 2019. The company has also revamped its existing bug bounty platform, which will also contain more information about domains.

Apple has His website for external bug bounty researchers It has been completely revamped, although the public page has relatively sparse information compared to many other first-party bug bounty platforms. Also on the new site Maximum reward increased. This applies to Lock mode in iOS 16 and macOS 13. Lockdown targets users concerned about targeted cyber attacks, such as human rights activists, journalists or politicians. Researchers who can circumvent its security can receive up to $2 million in reward from Apple. The maximum amount of being able to run code in the kernel without user interaction is still a maximum of $1 million.

Apple writes In an accompanying blog post They have already paid out “nearly $20 million” in bonuses since launching the bug bounty program. The median wage is $40,000. In 20 cases, Apple paid more than one hundred thousand dollars for the vulnerability. Apple made its bug bounty program available to the public in 2019. This made it one of the last major tech companies to launch a bounty program.

The growth is “one of the largest in the history of the industry,” according to Apple, but it hasn’t been without conflict. Apple has been criticized for its bug bounty program in the past. Several times, researchers put details online about the vulnerabilities that were found, because often they haven’t heard anything from Apple. Also security researchers Who did Twicker talk to earlier? tell similar stories; Apple security researchers often have hearing impairments and don’t know exactly what to do with their reports.

Apple didn’t immediately recognize this issue in its blog post, but says it now responds more quickly to notifications. “Sometimes we got more requests than we expected, so we increased our team and made sure we could conduct an initial review of each report within two weeks, and mostly within six days,” the company wrote. It also makes it easier for hackers to pass on reports. You can do this via the website by signing in with your Apple ID. Researchers then go to a page where they see an update on the status of their report and where they can contact Apple directly.

From the end of November, it will also be possible for researchers to participate in the SRS program. These are iPhones for security researchers. This makes it easier for them to do research, but the program to get these devices has always been very limited.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top