Vulnerabilities in Apple’s iOS are big money, and are genuinely worth a lot of money. So much money that an exploit trading firm is willing to offer up to $500,000 (about RM2 million) for them; a far more lucrative sum that the $200,000 (about RM800,000) Apple began offering last week.
This isn’t the first time that a private company has offered money for ways to break into the iPhone. Zerodium paid $1 million (about RM4 million) for an iOS exploit last year; although that bounty has now been reduced to $500,000.
These exploit trading firms will later sell access to a database of exploits and vulnerabilities to security firms looking to protect their customers. However, these trading firms are occasionally less than concerned about the purposes of their customers and have been known to sell access to thirds parties looking for a way into secured systems. This was especially evident in the case of the iPhone beloning to the San Bernadino shooter.
In Apple’s case, it was originally unwilling to offer bounties for vulnerabilities in iOS. Cupertino had balked at the idea of offering the money, saying that no matter what it did, there would be a third party that would offer more. To be fair to Apple, that worry was no entirely unfounded.
The popularity of the iPhone makes it a massive target for just about everyone. From hackers looking to make a quick buck; to governments looking for information; to legitimate security firms trying to keep the other two out.
[Source: Globe News Wire]
