Go Back   RGN - Reliable Global News > RGN Member Lounge > Science, Tech & Computer News

Science, Tech & Computer News Discussions about the News, Hardware and Software

Reply
 
Thread Tools Display Modes

Apple Offers Big Cash Rewards for Help Finding Security Bugs
  #1  
Old 08-05-2016
RFMariano's Avatar
RFMariano RFMariano is offline
Site Owner - Administrator
 
Join Date: Aug 2006
Location: Florida, USA
Age: 75
Posts: 13,629
Rep Power: 189
RFMariano is a splendid one to beholdRFMariano is a splendid one to beholdRFMariano is a splendid one to beholdRFMariano is a splendid one to beholdRFMariano is a splendid one to beholdRFMariano is a splendid one to behold
Default Apple Offers Big Cash Rewards for Help Finding Security Bugs






Apple Offers Big Cash Rewards for
Help Finding Security Bugs





A man uses his iPhone before a preview event at the new Apple Store
Williamsburg in Brooklyn, New York, U.S., July 28, 2016.

REUTERS/ANDREW KELLY

BY JIM FINKLE - Fri Aug 5, 2016 6:11am EDT

LAS VEGAS | Apple Inc (AAPL.O) said it plans to offer rewards of up to $200,000 (152,433) to researchers who find critical security bugs in its products, joining dozens of firms that already offer payments for help uncovering flaws in their products.

The maker of iPhones and iPads provided Reuters with details of the plan, which includes some of the biggest bounties offered to date, ahead of unveiling it on Thursday afternoon at the Black Hat cyber security conference in Las Vegas.

The program will initially be limited to about two dozen researchers who Apple will invite to help identify hard-to-uncover security bugs in five specific categories.

Those researchers have been chosen from the group of experts who have previously helped Apple identify bugs, but have not been compensated for that work, the company said.

The most lucrative category, which offers rewards of up to $200,000, is for bugs in Apple's "secure boot" firmware for preventing unauthorized programs from launching when an iOS device is powered up.

Apple said it decided to limit the scope of the program at the advice of other companies that have previously launched bounty programs.

Those companies said that if they were to do it again, they would start by inviting a small list of researchers to join, then gradually open it up over time, according to Apple.

Security analyst Rich Mogull said that limiting participation would save Apple from dealing with a deluge of "low-value" bug reports.

"Fully open programs can definitely take a lot of resources to manage," he said.

Apple declined to say which firms provided advice.

Such rewards are currently offered by dozens of firms, including AT&T Inc (T.N), Facebook Inc (FB.O), Google (GOOGL.O), Microsoft Corp (MSFT.O), Tesla Motors Inc (TSLA.O) and Yahoo Inc (YHOO.O).

Microsoft, which has handed out $1.5 million in rewards to security researchers since it launched its program three years ago, also offers rewards for identifying very specific types of bugs. Its two biggest payouts have been for $100,000 each.

Not all bounty programs are as focused as the ones from Apple and Microsoft.

Facebook, for example, has an open program that offers rewards for a wide-range of vulnerabilities. It has paid out more than $4 million over the past five years, with last year's average payment at $1,780.

In March, Facebook paid $10,000 to a 10-year-old boy in Finland who found a way to delete user comments from Instagram accounts.

(Reporting by Jim Finkle; Editing by Andrew Hay)

SOURCE
__________________

Regards,

Reply With Quote
 
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 11:47 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.
Content Copyright RGN - Reliable Global News