Apple joins companies like Facebook, Google and Microsoft.
By Sreekanth A Nair
Technology giant Apple on Thursday announced that the company will pay hackers who report flaws in the software released by Cupertino-based company, reported AP.
Ivan Krstic, the head of Apple security said during a talk at the Black Hat cybersecurity conference in Las Vegas that the company would pay up to $200,000 to hackers who find and report bugs in its software.
“We are pleased to announce an Apple security bounty program,” Krstic said. “We want to reward the people, and frankly the creativity it takes to find bugs in these categories,†he added.
With this announcement, Apple joins companies like Facebook, Google, Microsoft, and Yahoo that has been following the practice of rewarding the hackers with “bug bounties” for finding the flaws in their software.
According to a report in The New York Times, the offer includes $25,000 for hacking Apple’s digital compartments and into its customers’ data, $50,000 for bugs in iCloud data, and $200,000 to turn over critical vulnerabilities in Apple’s firmware.
The move is to encourage the hackers report directly to the company regarding bugs in its software. It will discourage the hackers from selling the crucial information to hacking or other agencies.
However, the offer is not open to all. Initially, the company will reward a limited number of researchers with whom they had earlier worked. But, if an outside researcher finds a highly contentious bug in the system, the company will pay even though the person has no previous experience reporting flaws.
The hackers will have to point out the flaw and demonstrate how the vulnerability cold expose critical data before the expert panel of the company. The program is expected to launch in September.
Apple had earlier made headlines when it refused to help the US Department of Justice crack the encryption in an iPhone that belonged to one of the shooters in the San Bernardino, California, terrorist attack. The government paid about $1 million to an outside agency to crack the encryption.