Apple offers $1 million bounty for spotting iPhone security flaws

Article Image Apple is Reportedly Paying $1M to Anyone Who Can Hack an iPhone

Article Image Apple is Reportedly Paying $1M to Anyone Who Can Hack an iPhone

Wait, what? How come a four-year-old bug has never been fixed? "Luckily for us, SQLite databases are not signed", the report quoted the Check Point researchers as saying.

While the researchers found it fairly easy to install a malicious replacement database on iOS, the technique requires access to an unlocked device. "We proved that memory corruption issues in SQLite can now be reliably exploited", said Check Point. The Cupertino company had its own reasons for not fixing the bug despite being aware of its existence.

In terms of just what is exactly they expect from you to earn that milly, the researchers (hackers) who are able to hack the core of iOS without any clicks required, will go home a million dollars richer. The bug could be triggered only by an unknown app accessing the database.

As an example, the researchers demonstrated a simple attack that simply crashed the Contacts app. Check Point's hack works on devices running iOS 8 through the beta versions of iOS 13.

At the annual Black Hat security conference in Las Vegas last week on Thursday, Apple said it would open the process to all researchers, add Mac software and other targets to the research domain and offer a range of rewards, called "bounties", for the most significant findings. "Sure this is a win for Apple, but ultimately this a huge win for Apple's end users".

Eddie Murphy Plays Rudy Ray Moore in Netflix’s ‘Dolemite Is My Name’
By looking at the first footage, it's clear this isn't going to be a paint-by-numbers affair, which is refreshing. Murphy plays Moore in Dolemite Is My Name , which comes to Netflix and select theaters this fall .

With people growing more concerned about their digital privacy and how secure their personal data is, Apple is putting its money where its mouth is when it comes to protecting its customers from hackers. All they needed was some tape, a pair of spectacles, and an unconscious or sleeping iPhone user.

On a related note, previously this year, a researcher found an exploit that might permit bad actors to get passwords from system keychains and login without needing admin privileges.

Putting their security systems to the test, Apple are offering up $1 million (£830,000) to anyone that can successfully hack an iPhone.

Apple announced a big changes to its bug-bounty program it launched in 2016. Apple's new bounties are now in the same range as some published prices from contractors.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.