Almost three years after announcing its iOS bug bounty program, Apple has announced a new bug bounty for macOS that will pay security researchers up to $1 million to find and report vulnerabilities.
At the Black Hat security conference in Las Vegas last week, Apple announced the expansion of its bug bounty program that only covered iOS until now. Apart from increasing the maximum bounty from $200,000 to $1 million, the expanded program now comes to include Mac desktops, MacBooks, Apple TV, and Apple Watch.
The bounty program will pay ethical hackers to report any dangerous security vulnerabilities, instead of selling their findings to the highest bidder. The increased bounty amount is there to make sure that security researchers are not tempted to sell to oppressive (or otherwise) nation states, or security companies which would want to use the information offensively.
Of course, the amount given to anyone will depend on how severe the bug they find is. A $1m bounty will be paid for a weakness in iOS that can allow the kernel to be hacked, without user action. A 50% bonus is also given if a bug is found in pre-release software. This could potentially increase earnings to up to $1.5m.
The expansion comes at a time when governments and some companies are becoming more and more interested in acquiring knowledge of vulnerabilities and bugs, in order to use them for various purposes.
Apple’s huge payout might just be what is needed to stop the wrong people from getting their hands on this information.
You might also like
More from Tech
Spotify announced the acquisition of Megaphone, a leading podcast advertising and publishing platform, to expand its podcast advertising offerings.
The FDA has approved the sale of NightWare, a prescription-only Apple Watch app that helps treat PTSD-related nightmares.
Raspberry Pi has released Raspberry Pi 400, a $100 complete personal computer built right into a compact keyboard.