Apple Announces 'Bug Bounty' Program
August 05 2016 - 03:20AM
Dow Jones News
LAS VEGAS—Apple Inc. will start paying hackers who report
vulnerabilities in its products, the company said Thursday.
With its new "security bounty," the company joins a growing list
of technology companies that pay cash for valuable security
information. Microsoft Corp., Google parent Alphabet Inc. and
Facebook Inc. have paid out millions of dollars in bug bounties
over the past few years.
"It's getting increasingly difficult to find some of those most
critical types of security vulnerabilities," said Ivan Krstic,
Apple's head of security engineering and architecture, speaking at
the Black Hat security conference in Las Vegas. "The Apple
security-bounty program is going to reward researchers who actually
share critical vulnerabilities with Apple."
The company said it would pay up to $200,000 for the most severe
bugs. "We believe that these payment amounts are commensurate with
the level of difficulty in attacking some of these systems," Mr.
Krstic said.
Such vulnerabilities can be used to give hackers control of a
device. The Federal Bureau of Investigation paid more than $1
million for a tool to circumvent the security measures on the
iPhone 5S used by San Bernardino shooter Syed Rizwan Farook .
Bug bounties are commonly offered by technology companies, but
they are also starting to pop up in the automotive industry—Tesla
Motors Inc. and General Motors Co. offer them—as cars increasingly
rely on software to control critical systems.
Write to Robert McMillan at Robert.Mcmillan@wsj.com
(END) Dow Jones Newswires
August 05, 2016 03:05 ET (07:05 GMT)
Copyright (c) 2016 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Feb 2024 to Mar 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Mar 2023 to Mar 2024