Apple to pay $1.5 million if you can hack an iPhone | Inquirer Technology

Apple to pay up to $1.5 million to those who can hack an iPhone or Mac

/ 05:48 PM December 23, 2019

Apple announces plan to build $1 billion campus in Texas

Image: AFP/Emmanuel Dunand

Apple has finally opened the doors of its security bounty program to all ethical hackers around the globe, and is willing to pay up to $1.5 million to those who can find the biggest security issues of the tech giant’s systems.

The issues hackers should find must be on the “latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration, and where relevant, on the latest publicly available hardware,” as per Apple’s statement regarding their security bounty program.

ADVERTISEMENT

Before opening it to the public, the tech giant previously offered up to $1 million back in August to select security researchers if they are able to hack iPhones and Macs, and pinpoint their vulnerabilities, as per Forbes last Friday, Dec. 20.

FEATURED STORIES

Apple divided into categories the issues which should be reported on, with each issue having an equivalent maximum payout:

  • iCloud
    • Unauthorized access to iCloud account data on Apple Servers ($100,000)
  • Device attack via physical access
    • Lock screen bypass ($100,000)
    • User data extraction ($250,000)
  • Device attack via user-installed app
    • Unauthorized access to sensitive data ($100,000)
    • Kernel code execution ($150,000)
    • CPU side channel attack ($250,000)
  • Network attack with user interaction
    • One-click unauthorized access to sensitive data ($150,000)
    • One-click kernel code execution ($250,000)
  • Network attack without user interaction
    • Zero-click radio to kernel with physical proximity ($250,000)
    • Zero-click unauthorized access to sensitive data ($500,000)
    • Zero-click kernel code execution with persistence and kernel PAC bypass ($1,000,000)

The smallest maximum payout starts at $100,000 (over P5 million), which will be rewarded to those who can provide a report on the unauthorized access to iCloud account data on Apple servers.

The biggest maximum payout is $1 million (P50 million), which is for “a zero-click kernel code execution with persistence and kernel PAC bypass,” under its “Network attack without user interaction” category.

Apple is also willing to throw in an extra $500,000 (P25 million) if the issue reported is “unknown to Apple and are unique to designated developer betas and public betas.”

Apple however noted that hackers can still report security issues that are not specified on their listed categories and receive payment for them, as long as they are “with significant impact to users.” JB

RELATED STORIES:

ADVERTISEMENT

Facial recognition tech fooled by AI company using masks, photos

Apple TV Plus joins streaming wars with Oprah but no library

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

Apple resumes human reviews of Siri audio with iPhone update

TOPICS: Apple, Apple iOS, Bug Bounty, Hackers, hacking, iPhone, Mac
TAGS: Apple, Apple iOS, Bug Bounty, Hackers, hacking, iPhone, Mac

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our technology news

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.