Skip to main content
  1. Home
  2. Mobile
  3. News

iOS9 is the target of the biggest bug bounty ever: $1 million

By

zerodium ios9 bug bounty dr evil 646x363
An enormous new challenge has been set for the information security community, what’s known as a “bug-bounty” — a cash reward in return for the discovery of vulnerabilities. For researchers, getting such prizes can be both lucrative and a point of pride. This week, the largest bug-bounty award ever in the amount of $1 million has set security researchers into a race to be the first. The target is iOS 9, and the challenge asks for a browser-based, untethered jailbreak of the operating system.

Previous bug programs have featured payout in the hundreds or even thousands of dollars, and in a handful of cases, on the order of a hundred thousand dollars. But a million bucks? That’ll buy a lot of 10-hour energy drinks.

Recommended Videos

The company behind the bounty is known as Zerodium. The startup presents itself as a zero-day vulnerability and exploit acquisition program, meaning that being on the cutting edge of vulnerabilities is critical to its business model. The company reports security information that it collects from independent researchers on to clients through a security-research news feed. This information includes analysis, documentation, and protective measures.

Related

Bug bounties have emerged as a popular way to discover vulnerabilities throughout the security community. It’s a way to accelerate the discovery of security flaws before they emerge in the wild. Zerodium is prepared to pay out a total of up to $3 million in prizes for various exploits, according to contest details explained on the company’s webpage:

The Million Dollar iOS 9 Bug Bounty is tailored for experienced security researchers, reverse engineers, and jailbreak developers, and is an offer made by ZERODIUM to pay out a total of three million U.S. dollars ($3,000,000.00) in rewards for iOS exploits/jailbreaks.

There’s a catch however — a deadline of 6 p.m. on October 31, 2015 for this particular program. So crackers, get cracking.

There are numerous indicators that suggest the web engine known as Webkit will be a prime vector in the hunt for this bug; WebKit is the core rendering engine in Apple’s Safari web browser, after all. Google’s Chrome browser uses a forked version of the same rendering engine called Blink. Both Webkit and Blink have been the target of repeated research projects as it is a component that has produced a number vulnerabilities and has been a primary path to successful exploits.

Although this research is initially oriented at the enterprise, the discovery of any significant bugs will undoubtedly reach the greater community as fixes and updates emerge to address them. Just this week, news emerged about another threat to the Apple ecosystem in the form of malware-compromised apps that had to be taken offline.

Editors’ Recommendations

Topics
John Casaretto
John Casaretto
Former Digital Trends Contributor
John is the founder of the security company BlackCert, a provider of SSL digital certificates and encryption products. A…
I record interviews for work. These are my favorite free recorder apps
The iPhone 14 Pro and Google Pixel 7 Pro's voice recording apps running together.

The Voice Recorder app on a phone (left) and the Voice Memos on another phone Andy Boxall / Digital Trends

Before you head to the app store on your phone to buy a voice-recording app, take a moment to consider the apps that may already be installed on your phone. Why? In my experience, they're likely all you really need. I’ve recorded interviews and voice-overs for work for years, and I’ve found the two best examples come preinstalled on your phone already, so they’re entirely free to use.

Read more
The best Samsung Galaxy Z Fold 5 cases: 10 best ones so far
Two Galaxy Z Fold 5 phones next to each other -- one is open and one is closed.

Samsung’s next-generation foldable is here with the Samsung Galaxy Z Fold 5. This iteration has some notable improvements, including a new hinge design that eliminates the gap from previous generations when the device was folded. You also get a 6.2-inch HD+ Dynamic AMOLED 2X display on the outside while having a 6.7-inch QXGA+ Dynamic AMOLED 2X display on the inside, with both screens having a 120Hz refresh rate. In other words, they're about as nice as you could ask for.

The Galaxy Z Fold 5 is made with premium materials, and the triple-lens camera system packs in a 50MP main shooter, 10MP telephoto with 3x optical zoom, and a 12MP ultrawide lens. There’s a 10MP selfie camera on the front cover, and a 4MP camera on the inner display. You also get a Snapdragon 8 Gen 2 for Galaxy chip inside for the best performance and power efficiency.

Read more
Google Pixel Tablet just got its first big discount and it’s worth a look
Google Pixel Tablet on its charging dock.

Tablets are a dime-a-dozen these days, with offerings from all the great brands including Apple, Samsung, Lenovo, and more. So, if you really want to stand out in a sea of similar tech, you need to do things a little differently. That's what Google's Pixel Tablet offers. How? It comes with a unique speaker dock that can be used to both charge the device and offer room-filling sound -- almost like a smart speaker add-on. Better yet, when your Pixel Tablet is docked it benefits from the Hub Mode, turning the device into a smart display, with digital photo frame support, smart home controls, and hands-free Google functionality. Of course, it could set you back at full price, normally $499 unless you find it included in a roundup of the best Google Pixel deals. Well, guess what? Thanks to a Best Buy Google Pixel Tablet deal, you can get it today for $439 and save $60. Hurry, though, it's part of Best Buy's recent 48-hour sale so it won't stick around for long.

Why you should buy the Google Pixel Tablet
Okay, okay, so in our Google Pixel Tablet review, Joe Maring did give it less than stellar remarks, but he called out its reliable fingerprint sensor, comfortability during use and excellent speaker dock. Honestly, how many tablets come with a matching speaker dock that transforms the entire experience? This tablet also marks a "lot of firsts" for Google, as it's the first tablet from the company in nearly five years, the first Android tablet in eight years, and can be converted into a smart home display with the speaker dock. All of which are notable milestones.

Read more