Apple Launching Invite-Only Bug Bounty Program



After a long wait, Apple has launched a bug bounty program for researchers. Previously, Apple followed a responsible disclosure policy, but the only reward for the researcher was a Hall of Fame listing. The announcement was made at the Black Hat conference yesterday. The program will officially launch in September and will be invite-only at the start, but Apple plans to make it public as the program matures.


The program offers bounties for working exploits against the latest version of iOS and other hardware and software produced by Apple.

The following are the initial categories defined by Apple:






Recently, bug bounty programs have gained much popularity, and they are considered one of the best ways to encourage researchers who practice responsible disclosure. Many big companies, such as Uber and Fiat Chrysler, have launched their bug bounty programs this year. Uber's program has so far paid more than $400,000 and is currently in 1st place in the HackerOne.com ranking (in terms of bounties paid). Google paid out more than $2 million in bug bounties last year, mostly for vulnerabilities in Android.

The main reason for setting up the bug bounty program may be the San Bernardino case, in which police purchased an undisclosed exploit in order to break the security of the killer's phone.

Anyway, it's a good move by Apple. And some very good vulnerabilities and 0-days are coming ahead...


