“Apple gives Hackers special IPhones to find Leaks.” Apple is going to give hackers special iPhones so that they can better trace leaks in the software.
There will also be a reward program for macOS.
Apple would like to unveil those plans this week at the Black Hat hacker conference in Las Vegas, according to the reports.
Apple would give a pre-selected group of hackers almost the same iPhones that developers use within the company.
The iPhones are less closed than devices that Apple sells typically.
It allows hackers to better search for vulnerabilities in the iPhone’s memory, for example.
The hackers will probably not get unlimited access to the normally encrypted firmware of iOS.
Finder’s fee for a leak
Apple gives hackers that access so that they can report vulnerabilities in exchange for a reward.
This way, Apple can close those leaks before malicious people take advantage of them in practice.
However, the closed nature of both Apple and its devices has made that tough in recent years.
Probably the move is also a way to prevent the sale of iPhones for internal use on the black market.
In recent years, some iPhone prototypes have been leaked that allowed hackers to find unknown vulnerabilities, reported earlier this year.
These vulnerabilities are worth a lot of money: governments pay tons to millions for a leak,
which means they can bypass the password of an iPhone.
The chance of finding such leaks drops if Apple itself allows more hackers to search for vulnerabilities on similar iPhones with those on the black market.
Reward for macOS leaks
The company would also start a reward program for macOS.
Now hackers don’t get anything from Apple if they report a vulnerability,
which means that some hackers kept leaks to themselves in the past.
Such leaks are also worth a lot on the black market.
Apple has been paying a maximum of 200,000 dollars for reporting iOS bugs for several years.
Not enough, according to some hackers.
You can earn a multiple on the black market,
while Apple has a lot of money and advertises with the security of its devices and software.