Apple’s effort to court ‘ethical’ hackers draws poor reviews

Gandalf_The_Grey

Lack of communication, confusion about payments and long delays have security researchers fed up with Apple’s bug bounty program

Hoping to discover hidden weaknesses, Apple for five years now has invited hackers to break into its services and its iconic phones and laptops, offering up to $1 million to learn of its most serious security flaws.

Across the tech industry, similar “bug bounty” programs have become a prized tool in maintaining security — a way to find vulnerabilities and encourage hackers to report them rather than abuse them.

But many who are familiar with the program say Apple is slow to fix reported bugs and does not always pay hackers what they believe they’re owed. Ultimately, they say, Apple’s insular culture has hurt the program and created a blind spot on security.

“It’s a bug bounty program where the house always wins,” said Katie Moussouris, CEO and founder of Luta Security, which worked with the Defense Department to set up its first bug bounty program. She said Apple’s bad reputation in the security industry will lead to “less secure products for their customers and more cost down the line.”
 
