As first promised in August, Apple's Bug Bounty program is now open to everyone.

Previously it was an invitation-only initiative, which attracted criticism because it effectively encouraged researchers who had not been invited to sell vulnerability details to companies and governments that would use them to gain unauthorized access to Apple devices.

Apple had also previously increased the maximum payouts after complaints that the low rewards made it more likely that even invitees would be tempted to sell security issues on the black market for much higher sums.

An Apple Security Bounty microsite has all the details, including eligibility.

To be eligible for an Apple Security Bounty, the issue must occur in the latest publicly available versions of iOS, iPadOS, macOS, tvOS or watchOS with a standard configuration and, where relevant, on the latest publicly available hardware. These eligibility rules are designed to protect customers until an update is available, ensure that Apple can quickly verify reports and make the necessary updates, and correctly reward those who perform original research. Researchers must:

Be the first to report the issue to Apple Product Security.

Provide a clear report with a working exploit (described below).

Not disclose the issue before Apple publishes the security advisory for the report. (In general, the advisory is issued together with the corresponding update that fixes the issue.)

Issues that are unknown to Apple and that are unique to designated developer betas and public betas, including regressions, can earn a bonus payment of 50%. Eligible issues include:

Security issues introduced in certain designated developer beta or public beta releases, as listed on this page when available. Not all developer or public betas are eligible for this additional bonus.

Regressions of previously resolved issues, including issues with published advisories, that have been reintroduced in a developer beta or public beta, as listed on this page when available.

Apple has published a rate card with maximum payouts ranging from $100,000 to $1 million, although the 50% beta bonus means the maximum possible payout is $1.5 million. Apple will also match the payout if the researcher donates it to a qualifying charity.

Topic                                                                        Maximum payout

iCloud
  Unauthorized access to iCloud account information on Apple servers         $100,000

Device attack via physical access
  Lock screen bypass                                                         $100,000
  Extraction of user data                                                    $250,000

Device attack via a user-installed app
  Unauthorized access to sensitive data **                                   $100,000
  Kernel code execution                                                      $150,000
  CPU side-channel attack                                                    $250,000

Network attack with user interaction
  One-click unauthorized access to sensitive data **                         $150,000
  One-click kernel code execution                                            $250,000

Network attack without user interaction
  Zero-click radio to kernel with physical proximity                         $250,000
  Zero-click unauthorized access to sensitive data **                        $500,000
  Zero-click kernel code execution with persistence and kernel PAC bypass    $1,000,000

To receive the maximum payout from Apple's bug bounty program, you must include a working exploit; otherwise a lower amount is offered.

The purpose of the Apple Security Bounty is to protect customers through understanding both vulnerabilities and their exploitation techniques. Reports that contain only a basic proof of concept instead of a working exploit are eligible for no more than 50% of the maximum payout amount. Reports that lack the information required for Apple to reproduce the issue efficiently will result in a significantly lower bounty payment, if they are accepted at all.

A separate webpage with sample payouts elaborates on the details.

Apple published its 2019 Platform Security Guide yesterday describing the security measures that the company is applying to its devices and services.

