Not long ago Apple announced on their website. The content of the ad is about the Apple Security Bounty, a program in which Apple rewards people for discovering security vulnerabilities in Apple products and services.
Attacking devices through physical access : Such as bypassing the lock screen ($5,000 – $100,000 reward) and recovering user data ($5,000 – $250,000 reward).
Attacking devices through user-installed apps : Such as unauthorized access to sensitive data ($5,000 – $100,000 reward) and privilege escalation ($5,000 – $150,000 reward).
Network attacks that require user interaction : Such as unauthorized one-click access to sensitive data ($5,000 – $150,000 reward) and one-click privilege escalation ($5,000 – $250,000 reward).
Network attacks that do not require user interaction : Such as zero-click attacks with physical proximity to the kernel ($5,000 – $500,000 reward) and unauthorized unauthorized access to sensitive data ($5,000 – $500,000 reward).
There are also additional bonuses for issues encountered in the beta software and Lockdown mode, with the top prize reaching $2,000,000.
Apple also encourages winners to donate to charity, with Apple matching donations to qualifying organizations such as the Ford Foundation’s Dignity and Justice Fund.
Specifications for each type of attack
Zero-click : Attacks that do not require user interaction.
One click : Attacks that require user interaction.
Access to sensitive information : Access to user data that the system normally prevents access to.
