Apple offers $1 million bounty for spotting iPhone security flaws

Contacts on iPhones vulnerable to hack attack Report

Contacts on iPhones vulnerable to hack attack Report

Wait, what? How come a four-year-old bug has never been fixed? "Luckily for us, SQLite databases are not signed", the report quoted the Check Point researchers as saying.

While the researchers found it fairly easy to install a malicious replacement database on iOS, the technique requires access to an unlocked device. "We proved that memory corruption issues in SQLite can now be reliably exploited", said Check Point. The Cupertino company had its own reasons for not fixing the bug despite being aware of its existence.

In terms of just what is exactly they expect from you to earn that milly, the researchers (hackers) who are able to hack the core of iOS without any clicks required, will go home a million dollars richer. The bug could be triggered only by an unknown app accessing the database.

As an example, the researchers demonstrated a simple attack that simply crashed the Contacts app. Check Point's hack works on devices running iOS 8 through the beta versions of iOS 13.

At the annual Black Hat security conference in Las Vegas last week on Thursday, Apple said it would open the process to all researchers, add Mac software and other targets to the research domain and offer a range of rewards, called "bounties", for the most significant findings. "Sure this is a win for Apple, but ultimately this a huge win for Apple's end users".

Britain's FCA looking into Muddy Waters short attack on Burford Capital
Christopher Bogart , chief executive of Burford, said the company's "market-leading" business is the same as it was a week ago. Layering involves placing and cancelling orders at higher prices in an attempt to give the impression of high trading volumes.

With people growing more concerned about their digital privacy and how secure their personal data is, Apple is putting its money where its mouth is when it comes to protecting its customers from hackers. All they needed was some tape, a pair of spectacles, and an unconscious or sleeping iPhone user.

On a related note, previously this year, a researcher found an exploit that might permit bad actors to get passwords from system keychains and login without needing admin privileges.

Putting their security systems to the test, Apple are offering up $1 million (£830,000) to anyone that can successfully hack an iPhone.

Apple announced a big changes to its bug-bounty program it launched in 2016. Apple's new bounties are now in the same range as some published prices from contractors.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.