Tech companies have long paid bounties to security researchers who find flaws in their software. Until now, however, Apple hasn’t availed itself of this method of encouraging vulnerability discoveries. Apple has announced a bug bounty program that will pay between $25,000 and $200,000 to researchers who discover certain classes of security vulnerabilities in iOS or iCloud. The program is open only to invited researchers for now, but Apple says that if someone outside the program discovers an exploit in a covered class, they may be added to the program. Over on the Securosis blog, TidBITS Security Editor Rich Mogull provides more details and calls it “a good start.”
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.