At the annual Black Hat security conference in Las Vegas, Apple announced that it will pay $1 million to whoever finds a critical security flaw in its software. This is the highest bounty a company has ever offered to for bug hunting.
All Researchers are Welcome
Previously Apple had offered rewards to only invited researchers who looked for security flaws in their phones.
The company has now said that it will open the bounty to all researchers for finding vulnerabilities in iOS, macOS and other targets, and will offer a range of rewards for significant findings.
The $1 million reward only applies to a specific case where the attacker has to gain remote access to the iPhone’s Kernel without the need for any action from the user.
Apple’s previous highest bounty was $200,000, offered for reporting bugs which can be fixed using software updates to help protect its users from malicious attacks.
All security researchers are welcome to submit their reports for the bounty. Apple has even made things easier for them by offering a modified phone that has some security features disabled.