Your IT Consultant

Apple: Overpriced Products – Cheap on Bounty Payments

August 11, 2016

If you have ever purchased an Apple product, you know that they cost a lot of money. They are beautifully designed devices, but you always have to wonder if it is worth the 70+% premium price. Everybody other than Apple, for many years, has offered payment for those that identify bugs and vulnerabilities in the manufacturer's products. Those days are over. Apple has finally decided to pay people that identify flaws in its products.

Not so fast. The announced payment schedule would indicate that anybody who discovers a security vulnerability in an Apple product (software or device) may not actually notify Apple. You can make a LOT more money by letting others know about the way to "hack" an Apple product instead of telling Apple about it. The maximum payment from Apple is $200K. Chump change. Why would you do that when you can get $500K for the same disclosure from somebody other than Apple? Worse yet, others will pay you a million dollars for a zero day that they can use to attack iOS devices that have not been jailbroken. That makes Apple look pretty cheap.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com