According to a new security report, Microsoft and Apple have both leveled the bugs with new incentives for security researchers.
Microsoft has doubled the Azure cloud software vulnerability to $ 40,000. It also introduced a hacker environment called Azure Security Lab, which is a cloud infrastructure dedicated to letting cybersecurity researchers test their skills in an IaaS environment.
Hackers do not get off-line color. Instead, the lab includes a series of scenario-based challenges that they can follow to try to exploit the system. They can make up to $ 300,000 if they succeed, according to Microsoft's blog post announcing Lab. For more on this, read the Infosecurity report.
Apple is also reportedly preparing its existing bounty program in two ways. Forbes reports that the company announced plans to provide security researchers with developer versions of its iPhone, with access to the underlying software and hardware that normal users do not get. For example, these phones, which will only be available to existing participants in Apple's invitation-only invitation error program, allow them to inspect system memory.
The iPhones will be given to the rock star hackers who participate in the Cupertino company's invitation-only bug reward program, in which participants reveal bugs in Apple products in return for financial rewards. The payment could go as high as $ 200,000, announced at the 201
Apple will also unveil a bug-busting program for its MacOS operating system, according to the report. This could mean that researchers like Linus Henze, who discovered an error in the Mac operating system's keychain password manager earlier this year, will finally get paid.
What makes these iPhones special? A source with knowledge of the Apple announcement said that they would essentially be "dev devices." Think of them as iPhones that allow the user to do much more than they could on a traditionally locked iPhone. For example, it should be possible to search for parts of the Apple operating system that are not easily accessible on a commercial iPhone. In particular, the special devices can allow hackers to stop the processor and inspect the memory for vulnerabilities. This will allow them to see what happens at the code level when trying an attack on iOS code. For Forbes details on this, read the Forbes report.
Commenting on this site: Pat reserves the right to post, reject or edit any Comments. negative behavior will cause it to be blacklisted on Disqus.