보안 버그를 발견하면 애플이 최대 150만달러 현상금을

ment 12/22 '19 posted 뉴스 IT

• 자격을 갖추려면 개인이 버그를 Apple Product Security에 보고한 첫 번째 사람이어야합니다. 그들은 실제 익스플로잇이 포함된 보고서를 넘겨 주어야합니다 (애플은 없으면 최대 50 %의 보상금만 지불할 것이라고 말합니다). Apple은 공식 보안 권고를 할 때까지 이 문제를 밀봉해야합니다.

• 예를 들어, 올해 초에 macOS 키체인의 익스플로잇을 발견한 보안 연구자가 애플과 공개된 갈등에 빠진 것은, iOS 이외의 시스템을 위한 보상 프로그램이 부족한 것을 분명히하고 있습니다.

• 새로운 변화의 일환으로 Apple은 발견된 결함에 따라 익스플로잇 당 최대 현상금을 20 만 달러에서 100 만 달러로 늘렸습니다.

• Apple이 문제를 효율적으로 재현할 수 있도록하는 데 필요한 정보가 누락된 보고서는 받아 들여지더라도 현상금 지불이 크게 줄어 듭니다.

• 백만 달러의 최대 보상 외에도, 기술 대기업은 공개 버전 이전에 베타 버전 소프트웨어의 보안 문제를 보고하는 전문가에게 50 %의 추가 보너스를 제공할 것이라고 발표했습니다.

• 최고 지급액은 특히 최신 Apple 기기 및 소프트웨어에 영향을 미치는 경우 여러 Apple 플랫폼에 영향을 미치는 버그를 발견한 연구원에게 제공됩니다.

Apple will pay you $100,000 if you find a bug in iCloud [www.cnet.com]

Apple Expands Bug Bounty Program Beyond iOS [gizmodo.com]

Apple opens its bug bounty program to the public with up to $1.5 million in payout [www.neowin.net]

Apple opened its bug bounty program to the public [www.theverge.com]

OnePlus opens its own paid security-incident bounty program [www.notebookcheck.net]

Apple Bug Bounty Program Now Open To All, Reward Increased Up To $1.5 Million [www.redmondpie.com]

Apple Offers Up To $1.5 Million To Anyone Who Spots A Software Flaw [www.cultofmac.com]

Apple opens its bug bounty program to all white hat hackers [securityaffairs.co]

Apple Kicks Off Public Bug Bounty Program [www.securityweek.com]

Mac Bug Bounty Program Opens [mjtsai.com]

Apple opens its bug bounty program to the public with up to $1.5 million in payout [www.neowin.net]

Apple's Bug Bounty Opens for Business, $1M Payout Included [threatpost.com]

Apple's Bug Bounty Program is Now Open to All Security Researchers [www.iphoneincanada.ca]

newest replies popular replies

Open Wiki - Feel free to edit it. -

12/22 '19 answered

Apple will pay you $100,000 if you find a bug in iCloud https://t.co/50XyrZ0iCe pic.twitter.com/y5S76DcQlX
— Rich Tehrani (@rtehrani) December 21, 2019

Apple Plays Catch Up With Super-Lucrative Bug Bounties https://t.co/QEYMwu3r9M ⁦@Gizmodo⁩ #Apple #bugbounty
— David Bisson (@DMBisson) December 21, 2019

Time to start looking for ?? https://t.co/vytOITk8vD via @gizmodo
— John H4X0R (@JohnH4X00R) December 21, 2019

Apple opens its bug bounty program to the public with up to $1.5 million in payout #Apple https://t.co/PcaFoNKoM3 pic.twitter.com/5kog7Tn00I
— Neowin (@NeowinFeed) December 20, 2019

Apple opens its revamped bug bounty program to the public https://t.co/igjs6Ap73X pic.twitter.com/gEWYNYQKQ2
— The Verge (@verge) December 21, 2019

[버지] 애플, 버그 포상금 제도 개방https://t.co/7Qtv0TUAXn
iOS만 대상으로 했던 2016년의 신고 프로그램이 이제 iCloud, iPadOS , macOS, tvOS, watchOS도 포함하며 모든 보안연구가들의 신고를 받기로 함. 문제의 상세와 애플이 재현할 수 있는 과정을 보고해야함.
— 라루얀 / 말썽쟁이 구운 경단 ? (@LaruYan) December 21, 2019

Apple opens its revamped bug bounty program to the public https://t.co/FJwPRawu1S pic.twitter.com/tKVKIkrCh0
— The Verge (@verge) December 20, 2019

Apple opened its bug bounty program to the public - “offering rewards of $1 million or more for discoveries of major flaws in its operating systems.” https://t.co/XDhmN0mmd3
— James Huff (@MacManX) December 20, 2019

Apple opens public bug bounty program, publishes official rules ⇒ https://t.co/GLpKML3ZMR by @campuscodi
Max reward now tops $1,5M depending on the exploit chain's complexity and severity ?
— Eugene Kaspersky (@e_kaspersky) December 20, 2019

Apple’s bug bounty is now fully live. Great to see Apple investing in security researchers findings on both iOS and macOS ? https://t.co/N2V3REBc27
— Tom Warren (@tomwarren) December 20, 2019

Now live!

?The new Apple Security Bounty! https://t.co/T4A2vTGSnM

?The new Apple Platform Security guide, featuring Mac for the first time!https://t.co/76qglenmif

(PDF version: https://t.co/8F4kb8izgD)

?My Black Hat 2019 talk: https://t.co/bqs6A3VAQ8

Happy holidays! ?
— Ivan Krstić (@radian) December 20, 2019

Apple Formally Opens Bug Bounty Program to All Security Researchers, Expands Program Scope to Broader Spectrum of Products and Raises Top Bounty to $1.5 Million @campuscodi https://t.co/XnQQzmQdhj https://t.co/qhe728Op44
— Metacurity - The End to Cybersec News Overload (@Metacurity) December 20, 2019

fun fact:

double clicking the side button is not just a quick gesture to use apple pay — it’s how we determine your intent (that you actually wanted to initiate a payment). since it’s hardware based, it can’t be hacked in the way that software can be. https://t.co/NHf2qjW1xa pic.twitter.com/BJLj7YzpGc
— Trevor Young (@_tyoung) December 21, 2019

Apple offers up to $1.5 million to anyone who spots a software flaw https://t.co/nc6RISq1e5 by @lukedormehl pic.twitter.com/ODUAumv9f8
— Cult of Mac (@cultofmac) December 20, 2019

ICYMI: Apple offers up to $1.5 million to anyone who spots a software flaw https://t.co/nc6RISq1e5 by @lukedormehl pic.twitter.com/4lSF3P2FQU
— Cult of Mac (@cultofmac) December 20, 2019

Apple opens its bug bounty program to all white hat hackers #CyberSec #infosec #Security #cybercrime #ThreatIntel #cyberattacks #fraud #cybersecurity #dataprotection #privacy #cyberthreats #databreaches https://t.co/qFfDLiGlvh
— Jiniba (@JinibaBD) December 20, 2019

Apple opens its bug bounty program to all white hat hackershttps://t.co/6uFyRIePxI
— OUTLAW 09 (@rich_outlaw) December 20, 2019

Apple has just kicked off its public bug bounty program after announcing it earlier in the year at BlackHat2019#apple #iphone #iOS #macOS #bugbounty #infosec https://t.co/anihAglGS4
— SecurityTrails (@securitytrails) December 21, 2019

Apple's Bug Bounty Opens For Business, $1M Payout Included https://t.co/Q6b91WACZ3 #Apple #CyberSecurity #websecurity pic.twitter.com/jI9V68UoWJ
— Danny Penrose (@dannypenrose) December 21, 2019

Apple’s Bug Bounty Opens for Business, $1M Payout Included: https://t.co/5tRms2mtlV
— The Cyber Security Hub (@TheCyberSecHub) December 20, 2019

Apple’s Bug Bounty Opens for Business, $1M Payout Included #CyberSec #infosec #Security #cybercrime #ThreatIntel #cyberattacks #fraud #cybersecurity #dataprotection #privacy #cyberthreats #databreaches https://t.co/zISMv1VKQG
— Jiniba (@JinibaBD) December 20, 2019

Apple’s Bug Bounty Opens for Business, $1M Payout Included #CyberCrime #ThreatIntel #OSINT https://t.co/RsQf5hoeiQ
— INTCELL CyberInt (@INTCELL_OSINT) December 20, 2019

permanent link

Open Wiki - Feel free to edit it. -

12/22 '19 answered

"#Apple is opening its bug bounty program to the latest publicly available versions of iOS, iPadOS, macOS, tvOS & watchOS. Researchers who find & clearly report issues to Apple Product Security will get a large payout (up to a max of) $100,000 to $1M." https://t.co/q9cx86Bdle
— amber mac (@ambermac) December 21, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured