Apple announced a bug bounty bonus for the most dangerous exploits
Since its bug bounty program was set up nearly a decade ago, Apple has offered notable maximum payouts: $200,000 in 2016 and $1 million in 2019. The company is now raising the stakes. At the Hexacon offensive security conference in Paris on Friday, Apple’s deputy director of security and architecture, Ivan Krstić, announced a maximum of $2 million for a chain of software exploits that could be abused for espionage.
The move shows how valuable exploitable vulnerabilities can be in Apple’s highly protected mobile environment, and the lengths the company will go to in order to keep such discoveries from falling into the wrong hands. In addition to individual payments, the company’s bounty also includes a bonus structure that adds further awards for exploits that can bypass its extra-secure Lockdown Mode, as well as for those found in Apple software still in beta testing. Overall, the maximum award for what would otherwise be a potentially catastrophic exploit chain will now be $5 million. The changes will take effect next month.
“We are paying millions of dollars here, and there’s a reason,” says Krstić. “We want to make sure that for the most difficult categories, the most difficult problems, the things we see closely with the type of attack on the mercenary spy – researchers who have those skills and abilities and take this effort and time can earn a great reward.”
Apple says more than 2.35 billion devices are active worldwide. The company’s bounty was initially an invite-only program for prominent researchers, but since it was opened up in 2020, Apple says it has awarded more than $35 million to more than 800 security researchers. High-dollar payments are very rare, but Krstić says the company has paid out $500,000 in recent years.
In addition to the higher potential rewards, Apple is also expanding the bug bounty categories to include specific types of one-click browser infrastructure exploits as well as wireless proximity exploits using any type of radio. There is even a new offering known as the “target flag” that brings the concept of capture-the-flag hacking to the real world of Apple software, to help researchers demonstrate their capabilities quickly and definitively.
Apple’s bounty is just one of its long-term investments aimed at reducing the prevalence of dangerous vulnerabilities or blocking their exploitation. For example, after more than five years of work, the company announced a security protection in the new iPhone 17 last month that aims to neutralize the most frequently exploited iOS bugs. This feature, known as Memory Integrity Enforcement, is a major push that aims to protect a small minority of the most vulnerable and highly targeted groups in the world (including activists, journalists and politicians) while also adding defense for all users of new devices. To this end, the company announced on Friday that it would donate thousands of iPhones to law groups working with people at risk of targeted digital attacks.
“You can say, well, it seems like a great effort to protect these very few users targeted by mercenary espionage, but there is only an undeniable history described by journalists, technical companies, and civil society organizations,” Krstić says. “And we feel a great moral commitment to defend those users. Despite the fact that the overwhelming majority of our users will never be targeted, it will ultimately be a growing protection for everyone.”