Apple’s bug bounty program is having a hard time getting started

Spread the love

A white-hat hacker has released details about three vulnerabilities in iOS. He didn’t just do that; he was annoyed by Apple’s lax attitude when it comes to fixing bugs that come in through researchers. And he is certainly not alone in this.

The illusion of chaos, as ethical hacker Denis Tokarev calls himself, waited three months for Apple’s response to his findings. He found several vulnerabilities in the iOS operating system, and warned Apple about it. But Apple did not respond. After weeks of radio silence, the ethical hacker was fed up; he published information about the vulnerabilities on his blog. In principle, anyone with the right skills can make an exploit with which to steal user data. Normally, reporting a vulnerability is simple. The hacker finds a weakness, passes it on to the company, and it fixes it within a predetermined period of time. In return, the discoverer usually gets a reward or at least a pat on the back. But illusionofchaos thought he had to wait too long for that. He certainly does not stand alone. In the past, many hackers have complained about Apple’s handling of bug bounties. That transaction would be stiff and slow.

You might also like
Exit mobile version