Exploit Vendor Offers $1.5 Million for iOS 10 Zero-Days

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Zerodium, a company that buys zero-day exploits and then sells them to government agencies around the world, has raised its prices for a series of security flaws it desperately wants to get its hands on.

exploit-vendor-offers-1-5-million-for-ios-10-zero-days-508808-2.png


First and foremost, the company has tripled the price it pays for an iOS zero-day. While last year Zerodium held a competition and paid $1 million for the first three iOS 9 zero-days, the company lowered the price to $500,000 afterward.

With the recent release of iOS 10, Zerodium has now once again hiked the price for iOS zero-days, agreeing to pay $1.5 million for a remote exploit that allows a third party full control over the device.

Just like last year, the company will pay for exploits that work against the latest patched iOS version, which means Zerodium is not interested in iOS 9 exploits. On the other hand, Apple is offering up to $200,000 for iOS zero-days via its private, invite-only bug bounty program.

Read more: http://news.softpedia.com/news/exploit-vendor-offers-1-5-million-for-ios-10-zero-days-508808.shtml
 
H

hjlbx

And we are worried about MS telemetry...:D

Telemetry not the problem ? Government is the problem ?

Government can compel Microsoft to hand over all data and connect data to users via a National Security letter that includes a gag order. Government can compel Microsoft to zero-in on one user system out of hundreds of millions of systems. If Microsoft refuse to comply with that National Security request or releases infos about it, then Government can indict Microsoft. No U.S. company has ever survived indictment. As soon as the indictment is issued - without even going to court for criminal proceedings - the company is absolutely kaput. The world financial markets value a company under indictment = $0.

So Microsoft will identify a user's data and hand it over... user is screwed by virtue of using Windows.

So... which is problem... the chicken or the egg ? Telemetry or Government ?

First thing is that government officials, employees, administrations are corrupt and will abuse whatever they can, when they can, as it suites them, when they see fit.

If there were no telemetry, then Government could not compel Microsoft to release user data as there would be no user data collected and stored by Microsoft in the first place. Telemetry is anonymized, but government can compel Microsoft to modify it - broadly or specific to a single user's system. People don't realize this -- that this is actually how it works...

Windows and Microsoft are governments' best friends... followed by for sale exploits.
 
H

hjlbx

There is actually someone in US Congress that wants:

1. All computer systems, OSes and certain softs sold in US to be registered with US federal government like firearms
2. Physical system and OS tracking with US government monitoring capabilities built-in
3. Non-transferable
4. User license\registration required to purchase systems\softs
5. Violation of 1 - 4 = criminal offense... send violators to the klink - or probably Guatanamo Bay...

We live in tough times bros...

Think of it. Maybe in future you will have to be fingerprinted at Best Buy to buy a laptop. :D

"We are such fearful human beings that we will take away the entire world's rights and privacy so that we can feel secure."
 
Last edited by a moderator:
L

LabZero

Not a fresh news, but NSA and GCHQ would have also exploited Angry Birds, YouTube, and Google Maps to get profiles and collect personal information of hundreds of millions of people and the right to privacy of the users has been reset for reasons related to the national and international security.
By collecting metadata, and cookies from these and other applications, NSA and GCHQ were able to trace personal profiles for several years, virtually every detail of a person's life.
 
H

hjlbx

Not a fresh news, but NSA and GCHQ would have also exploited Angry Birds, YouTube, and Google Maps to get profiles and collect personal information of hundreds of millions of people and the right to privacy of the users has been reset for reasons related to the national and international security.
By collecting metadata, and cookies from these and other applications, NSA and GCHQ were able to trace personal profiles for several years, virtually every detail of a person's life.

Implanted tracking chips at birth will come at some point in the future. Not in our lifetimes, but it will happen...

IT is fundamentally changing most everything...
 

Entreri

Level 7
Verified
May 25, 2015
342
iOS is a very robust system and I think Apple now updates the iOS more frequently. I can see why governments are desperate for zero day exploits to it.
 
Last edited by a moderator:

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
This just shows that any software which dormant of least in the wild vulnerabilities attacks have more chances to expose future holes.

So the price mentioned is definitely acceptable.

Everything is dual effect,
 

Tony Cole

Level 27
Verified
May 11, 2014
1,639
So they can hack criminals, which I 100% agree with, we need the capability to do so. What the NSA and GCHQ are looking for is criminal gangs, terrorism etc., the everyday person is nothing to these guys. Without these technologies how do people think we can stop terrorist attacks before they happen, stop sexual predators trafficking children for sex and much, much more.
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Implanted tracking chips at birth will come at some point in the future. Not in our lifetimes, but it will happen...

IT is fundamentally changing most everything...
In a state east of us (Illinois) there has been long time talk of chipping Licenses so that when you walk into a store equipped with a special camera, it
detects the chip, then will display on the screen all that persons vitals, and statistics, including traffic, and criminal history ect.
 
  • Like
Reactions: LabZero
H

hjlbx

In a state east of us (Illinois) there has been long time talk of chipping Licenses so that when you walk into a store equipped with a special camera, it
detects the chip, then will display on the screen all that persons vitals, and statistics, including traffic, and criminal history ect.

Seems all very Orwellian-Auschwitz to me....
 
  • Like
Reactions: _CyberGhosT_

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top