Friday, July 7, 2017

Apple offers a lot of money for vulnerabilities that allow jailbreaking an iPhone, but it is not enough

Apple currently offers up to $200,000 for security bugs found in iOS. The money is paid to hackers who manage to find bugs that give full control of an iPhone or iPad: bugs that ultimately allow arbitrary code execution and, as a final result, root access, that is, system administrator privileges, and with it the ability to access all data, unlock the system, etc. Apple pays that money if the method has not been made public, so that it can patch and correct the problem in future updates without anyone else being able to use it. Some of the problems fixed with each iOS update come from purchases of this type of vulnerability.
To a neophyte, $200,000 could seem like a lot of money, but it seems that it is not enough ... apparently, it is more worthwhile to earn money from a vulnerability by selling it to other companies that offer unlocking services to government or security agencies, etc. For example, the set of unpublished vulnerabilities that allow jailbreaking an iPhone can be sold for $1.5 million to private security companies. For that reason, some vulnerabilities never see the light, but remain in iOS and are used by these companies, which in turn charge a rather indecent amount of money to many governments around the world. The companies that collect vulnerabilities to use for their own benefit are called Zerodium and Exodus Intelligence. The latter offers up to half a million dollars for an iOS jailbreak.
The reason so much money is paid is the difficulty of finding those vulnerabilities and then building tools that make it easy for anyone else to use them to jailbreak a device. What was previously given away can today buy an apartment in Manhattan, if you are good enough to circumvent all the security measures that Apple implements on an iPhone.
Apple lets hackers who find a serious vulnerability publish everything, but only after the problem has been patched with an iOS update. Apple only pays for zero days, that is, vulnerabilities that have not been reported or known. This is of interest to many hackers because it is a way to raise their cachet, make themselves known and also, why not, raise their self-esteem. It is very difficult to achieve an iOS jailbreak nowadays. Often, you need undocumented bugs to find the really good bugs, those that allow you to control the system ... even just to look at what the system is doing, you need to find vulnerabilities that are very complicated to take advantage of.
