Apple Ups Bug Bounty Payouts, Expands Access to All Researchers and Launches macOS Program

Justanotherfanboy · Aug 8, 2019

osx86 said:
time to get PAID

Lol, you have a zero-click kernel code execution with persistence bug you found, that you’ve been sitting on???
By all means, sir.... GET PAID!

FamVR · Aug 9, 2019

Finally. At last. Good move Apple.

By the way. I’m known - to insiders - for giving bugs away to other people in the community, because there was no macOS bug bounty program, but that will change right now.

Romeo_Nightfall · Aug 9, 2019

so here we are with an official apple security scheme.
icloud is the least secure thing they have, haha.

thanks tim hollywood for stating it that clear!

Balkon · Aug 9, 2019

With the money Apple has I never understood why they didn't push all this forward years ago.

Sasparilla · Aug 9, 2019

Great news and I like its not just Mac OS that they're adding here. A little late, but glad they're getting it done.

It'd not just Privacy Apple is providing customers, its security as well - nice to see they're embracing that.

The vulnerabilities identified and closed off the more secure our OS's are.

Shirasaki · Aug 9, 2019

IIGS User said:
Just like my old man used to say. Never buy the first year of a new model car or truck. Give it a year or two for some other idiot to find out the wiper switch doesn't like prune fumes, or some other issue no one thought up....

That’s why I don’t buy launch day iOS device, for the same reason.

SecuritySteve · Aug 9, 2019

now i see it said:
Hackers are now called "researchers".

Depends on what color hat you wear.

citysnaps · Aug 9, 2019

Balkon said:
With the money Apple has I never understood why they didn't push all this forward years ago.

Because all successful companies, large or small, are resource limited.

I worked for a 10 person fabless ASIC semiconductor company in Palo Alto (Silicon Valley). We were always resource limited. We were eventually acquired by a very successful large company with many thousands of employees. And we were still resource limited.

In each case there were projects that could have been taken on, but the resources (engineers/$/time/etc) were not available.

dantroline · Aug 10, 2019

citysnaps said:
Because all successful companies, large or small, are resource limited.

I worked for a 10 person fabless ASIC semiconductor company in Palo Alto (Silicon Valley). We were always resource limited. We were eventually acquired by a very successful large company with many thousands of employees. And we were still resource limited.

In each case there were projects that could have been taken on, but the resources (engineers/$/time/etc) were not available.

Apple is heading for a crisis if it doesn't expand its horizons, such as into enterprise networking and large scale computing, but to do so it has to improve its security credentials. No one really trusts Apple for that sort of thing, because it isn't open about its problems - better the devil you know.

Search

Search

Apple Ups Bug Bounty Payouts, Expands Access to All Researchers and Launches macOS Program

Justanotherfanboy

Suspended

FamVR

macrumors regular

Romeo_Nightfall

macrumors 65816

Balkon

macrumors member

Sasparilla

macrumors 68020

Shirasaki

macrumors P6

SecuritySteve

macrumors 6502a

citysnaps

macrumors G5

dantroline

macrumors 6502

Our Staff