أخبار العالم

Apple to reportedly present ‘dev gadget’ iPhones for bug searching, introduce Mac bounty


 

Apple will furnish vetted safety researchers particular iPhone variants in efforts to suss out {hardware} and software program vulnerabilities, based on a report on Monday that additionally claims the corporate intends to institute an official bug bounty program for Mac within the coming weeks.

Black Hat

Apple’s Ivan Krstic declares the bug bounty program at Black Hat USA 2016.

Citing individuals aware of Apple’s plans, Forbes stories particular iPhone {hardware} can be equipped to members of the tech big’s invitation-only bug bounty program.

Particulars are scarce, however sources describe the iPhones as “dev units” that supply researchers much more latitude in probing for iOS vulnerabilities than frequent shopper variants. Whereas not fairly as unrestricted as models equipped to Apple’s personal safety staff, the bug bounty handsets are anticipated to permit bug hunters to halt processor operations and examine system reminiscence whereas conducting focused assaults, the report mentioned.

Apple intends to guard its most prized code, nevertheless, because the report notes hackers are unlikely to achieve entry to key iPhone firmware.

The report speculates Apple’s determination to seed the particular iPhones to bug bounty members stems from trade reactions to leaked dev units. Previously, safety researchers have benefitted from entry to developer {hardware}, particularly in surfacing essential zero-day vulnerabilities.

Together with the dev gadget program, Apple can also be anticipated to announce a brand new bug bounty program for macOS. At present, the corporate limits its bug bounty to iOS — its most essential platform — with funds starting from $200,000 for exploits associated to safe boot firmware elements to $25,000 for much less essential flaws.

Researchers have referred to as on Apple to create a macOS bug bounty for years, however the firm has proven little curiosity in following by with a proper program. Apple’s stance on the problem was dropped at the fore in February when German teenager Linus Henze uncovered a macOS Keychain exploit however refused handy over particulars in protest. Henze in the end divulged his findings, saying the vulnerability was too essential to maintain secret.

Sources say Apple plans to announce each the dev iPhone program and Mac bug bounty initiative on the Black Hat safety convention this week. Apple’s safety engineering chief Ivan Krstic is scheduled to debate iOS 13, macOS Catalina and extra throughout a presentation on Thursday.




Supply hyperlink

الوسوم

مقالات ذات صلة

زر الذهاب إلى الأعلى
إغلاق