September 23, 2020

Hackers found many security flaws in Apple products, but have no bug bounty

2 min read

A Google security researcher said that he had discovered 30 vulnerabilities in Apple’s iOS operating system since 2016. These vulnerabilities make Apple’s software more secure – he hopes Apple can pay more for it. Apple iPhone is one of the safest consumer devices in the world, but it doesn’t stop a handful of hackers from finding vulnerabilities. Beginning in 2016, Apple invited these hackers to report vulnerabilities to the company and offer up to six-figure rewards for their discovery, perhaps to prevent them from selling vulnerabilities to other high-income start-ups.

In the past few years, the most prolific iOS vulnerability hunter has been working for Project Zero. Project Zero is Google’s elite hacking team, dedicated to finding and eliminating security vulnerabilities in other companies’ products. His name is Ian Beer, and some people think he is by far the best iOS hacker.

The Black Hat security conference was held in Las Vegas on Wednesday. @i41nbeer sent a message on Twitter to Apple CEO Tim Cook asking him to pay for each vulnerability he reported since 2016 and asked the company to donate $2.45 million.

Most independent iOS security researchers have not submitted any errors to Apple in exchange for vulnerabilities, mainly because doing so will hinder future research and be too much trouble, in contrast, these vulnerabilities may be able to sell more money in the dark market.