Apple is finally rewarding security researchers for
finding security flaws in macOS. At the Black Hat conference today,
Apple announced that it is greatly expanding its existing bug bounty
program to include macOS, tvOS, watchOS, and iCloud. It will include
rewards of up to $1 million for a zero-click, full chain kernel code
execution attack.
While Apple originally started paying iOS bounties three
years ago, researchers have only been paid for ones found in Apple’s
mobile operating system. macOS was never included, and it’s led to a
number of security researchers pushing the company to change course.
Apple is now expanding its bug bounty program far behind just iOS.
iCloud, iOS, tvOS, iPadOS, watchOS, and macOS will now be
covered. Apple is now opening its bug bounty program to all researchers
and the payout is increasing beyond the current $200,000 maximum. The
very maximum is a $1 million payout for iOS vulnerabilities that let
attackers control a phone without any user interaction.
The updated bug bounty program could help convince more
security researchers to report vulnerabilities to Apple. Earlier this
year, a security researcher detailed a macOS flaw, but refused to submit it to Apple until the company pays researchers for Mac security flaws.
Security researchers have been reluctant to help Apple
with its security, though. Apple now offers up to $1 million to
security researchers who discover iOS vulnerabilities and report them,
but these bugs are often way more valuable to sell on the black market.
.
Credit goes to - TheVerge
0 comments:
ဤဝက်ဆိုဒ်သည် ယူနီကုဒ်စံစနစ် ကိုလိုက်နာကျင့်သုံးထားပါသဖြင့် Comment များကို ယူနီကုဒ်ဖောင့်ဖြင့်သာ မှတ်ချက်ပေးစေလိုပါသည်။
စိတ်ဝင်တစားဖတ်ရှုခြင်းအား ကျေးဇူးအထူးတင်ရှိပါသည်။
Rabbit Converter ကိုအသုံးပြု၍ ဖောင့်ပြောင်းလဲနိုင်ပါသည်။