At the annual event Black Hat ConferenceDedicated global community InfoSec, Apple launched a program to reward those who discover security vulnerabilities of their own operating systems.
The security engineer Apple, Ivan Krstic, announced that the program for identifying vulnerabilities is dedicated to all individuals who discover bugs. Apple will pay sums of money for these discoveries, depending on the degree of security.
So far, large IT and Internet companies, such as Google and Microsoft, have consistently offered rewards for hackers who managed to discover bugs and vulnerabilities OS and in applications software. Apple refused to do so until this year. It's a sign that Apple it increasingly wants to remain a leader in "safe" systems and applications.
The new program launched by Apple is dedicated to everyone hackers, developers si cryptographers who want to contribute to improve enterprise security.
Apple will provide rewards of up to $ 200,000 for developers, depending on the vulnerability they have discovered. The more important this is, the more the reward amount will increase, but will not exceed 200 thousand US dollars. The maximum amount can be reached for the discovery of firmware vulnerabilitiesAnd other vulnerabilities smaller amount will be 25.000 dollars.
Here are the "rates" for the rewards offered by Apple:
Although each vulnerability is treated with maximum attention, the amount of the reward will be determined according to clarity vulnerability reportNovelty problem and User probability of exposure to the vulnerability discovered and the degree of interaction with the USER data that can exploit the vulnerability.
The bug bounty program will be launched in September, most likely with the release of the new ones modethe of iPhone and new iOS 10.