Apple hasn’t made an appearance at Black Hat hacker conference in its history but this year Cupertino is Thinking Different™ about security. Head of Apple security, Ivan Krstic, today said the company would pay huge (up to $200K) bug bounties to researchers who find and report vulnerabilities in certain Apple software.
A quick breakdown of max. payments::
Secure Boot firmware: $200,00
Extraction of confidential material protected by the Secure Enclave Processor: $100,000
Execution of arbitrary code w/kernel privs: $50,000
Unauthorized access to iCloud account data on Apple Servers: $50,000
Access from a sandboxed process to user data outside of that sandbox: $25,000
Earlier this year, the FBI paid out under $1M to extract the data from the San Bernadino terrorist’s iPhone. Perhaps Apple is trying to eliminate this back doors into its crown jewel software. more…Filed under: Apple
