A leading daily has said that security researchers will be provided with special iPhones by Apple and will finally launch a bug bounty program for Mac. The security measures will be announced by the Cupertino based company at the Black Hat security conference in Las Vegas to be held later this week in an effort to strengthen its flawed bug bounty program.
Reports say that the tech giant plans to provide researchers part of nits invite-only bug bounty program with iPhones that are not as locked down as the consumer version. A leading daily says that they will not be as open as the ones reserved for the employees of the company but might be open enough to give researchers a way to look at the device more closely. The phones, for instance could, give the participants a way to inspect parts of the OS or specific components, like the memory, to look for vulnerabilities.
Moreover, there are also reports that the company is launching its long-delayed bug bounty program for Mac. Earlier this year, the researcher had discovered an exploit that would allow the bad actors to grab the passwords from login and system keychains without the requirement of the administrator privileges. However, the vulnerability details were not revealed to Apple.
Principal security researcher at Jamf, Patrick Wardle had found many issues on Mac OS and said, “If you’re a large, well-resourced company such as Apple, who claims to place a premium on security, having a bug-bounty program is a no brainer.” If the security researchers are provided with rewards for uncovering flaws in hardware and software, it could compel them to report the vulnerabilities to the company and would make Apple’s products much safer and more secure. The researchers had earlier refused to reveal the vulnerabilities while protesting that the bug bounty program had pay outs for iOS bubgs and not for the MacOS ones.
Photo Credits: macrumours