Apple Inc have announced that it is expanding the company’s Security Bounty program. It will now cover the entirety of the Cupertino, California-based company’s ecosystem and will reward participants if and when they find a vulnerability.
Rewards of up to a cool $1 million are available, with bugs that effectively bypass the lock screen paying $100,000 and discovering a bug that could enable network attacks paying $250,000.
Competition between governments and the big tech companies for knowledge of vulnerabilities is high. The increase in payouts has ensured that responsibly disclosing the vulnerability is no longer merely something platform companies hope hackers will do out of the goodness of their hearts, but something that will reward the person discovering the weakness.
In terms of government, it is widely known that intelligence agencies around the world often buy knowledge of the security vulnerability from third parties, with the aim of using them for espionage.
The money involved now matches the type of figures researchers could expect to earn if they sold their finding to governments or contractors who intended to use it nefariously.
During the recent security conference in Las Vegas, Nevada, the tech revealed a list of recent payouts.
Next year, Apple will launch iOS Security Research. The program will be open to everyone will a good track record of systems security. Special iPhones will be sent to researchers in order for them to explore the device looking for security weaknesses and potential exploits within the operating system.