Apple Launches macOS Bug Bounty Program. Researches Provided with ‘Special’ iPhones for Bug Testing

George Herman
George Herman
IT Security Expert

Get a FREE scan to check for problems

Some infections like this virus can regenerate themselves. There is no better way to detect, remediate and prevent malware infection, than to use a professional anti-malware software like SpyHunter. One Application that is capable of solving all MAC problems.

Anti-Malware

SpyHunter Anti-Malware FREE 15-day trial available.

Apple is releasing a macOS bug bounty program for the first time. Despite the fact that other big companies, like Google and Microsoft, have been offering bug bounty programs for a long time, Apple had only been providing financial rewards for iOS, and not for Mac.

That new policy came earlier this year when the 18-year-old cyber-security enthusiast, Linus Henze found the so-called “KeySteal” zero-day macOS vulnerability, refusing to share the details with Apple because they had no bug bounty program for macOS.

According to Henze, the bug could be potentially exploited by hackers to retrieve sensitive data stored in the Mac Keychain app, which might seriously threaten users’ security.

Meanwhile, Apple is reportedly planning to provide security researchers with special iPhones to make finding security loopholes easier.

Sources quoted by Forbes, claim that the new scheme will be part of Apple’s new invite-only bug bounty program which will be presented at the ongoing Black Hat security conference in Las Vegas.

The report is expected to reduce the number of leaked or stolen developer iPhones which are often sold on black market for thousands of dollars.

The report also states that the special iPhones will be developer-oriented, allowing the researchers to access many areas of the operating system which are off-limits on commercial iPhones.

In particular, the special devices could allow hackers to stop the processor and inspect memory for vulnerabilities”, the report states.

Yet, the special devices will not be as open and accessible as the ones available to Apple’s in-house developers and security experts.

Leave a Reply

Your email address will not be published.