@ Apple Announces Reward for Finding Security Bugs

Tech giant announced it would offer rewards of up to $200,000 to security experts who find critical security bugs in Apple products and report it to the company to let it fix it before the public learns about it. This, the company joins

Apple explained that the program in question would initially launch for about two dozen researchers invited to help identify security bugs in 5 categories. The company chose those researchers from the group of experts who have previously helped it identify vulnerabilities but weren’t paid for their help.

So, looking into the categories and rewards offered within them, we can say that the most lucrative category is for bugs in Apple’s “secure boot” firmware, which offers rewards of up to $200,000 for preventing unauthorized apps from launching when a mobile device is powered up.

The tech giant explained it decided to limit the scope of the program after studying the experience of other companies that have previously launched similar programs and making some conclusions for itself. They said the best way to start is to invite a small list of researchers to join and then gradually open the program up over time. According to security analysts, limiting participation would save the tech firm from dealing with a huge flow of “low-value” bug reports.

Many other tech giants, including AT&T, Facebook, Microsoft, Google, Microsoft, Tesla Motors and Yahoo already offer such rewards. For example, Microsoft has so far handed out $1.5 million in rewards to security researchers since it launched its program 3 years ago. The company offers rewards for identifying very specific types of bugs. Microsoft’s two biggest payouts have been $100,000 each. However, not all programs of this type are as focused as Apple’s and Microsoft’s.

For instance, Facebook has an open program that offers rewards for a wide range of bugs. Over the past five years, Facebook has paid out over $4 million, with the average payment in 2015 being $1,780. Just a few months ago, Facebook paid $10,000 to a 10-year-old boy in Finland who was first to find and report a way to delete user comments from Instagram accounts.