After hearing rumors that Apple expanded the bug-bounty program earlier this week along with expectations of the company to begin releasing dev devices such as iPhones to security researchers, Apple at the Black Hat conference today confirmed a enormous expansion of its bounty program along with opening it to everyone.
Until now, Apple has restricted the bug bounty program to iOS and restricted those who can participate in it. One of the first major changes announced today by Apple's Chief of Security for Engineering Science and Architecture, Ivan Krstić is that the program opens to include all Apple platforms, even macOS and iCloud.
Moving forward, the expanded program will be open to all security researchers coming this fall, and Apple also shared a list of some of the new payouts that will go up to a million dollars. The original iOS bounty program paid out a $ 200,000 payout.
Amount to find bugs that allow bypass lock or unauthorized access to iCloud to pay $ 1
Apple Bug Bounty. pic.twitter.com/jyD9UwU9pI
– mikeb (@mikebdotorg) August 8, 2019
Apple also detailed its new iOS Security Research Device program. It will be launched next year and will also be open to all, as long as applicants have a "track record of high quality system security research …"
This is what will put dev devices like special iPhones in the hands of researchers. Apple says it is a "unique, Apple-supported iOS security research platform" that has "ssh, a root shell and advanced troubleshooting features."
iOS security research apparatus program! pic.twitter.com/4NsKH1DMGd
– Jesse D & # 39; Aguanno (@ 0x30n) August 8, 2019
Top Image via mikeb
Check out 9to5Mac on YouTube for more Apple news: