Skip to main content
  1. Home
  2. Mobile
  3. News

iOS9 is the target of the biggest bug bounty ever: $1 million

By

zerodium ios9 bug bounty dr evil 646x363
Image used with permission by copyright holder
An enormous new challenge has been set for the information security community, what’s known as a “bug-bounty” — a cash reward in return for the discovery of vulnerabilities. For researchers, getting such prizes can be both lucrative and a point of pride. This week, the largest bug-bounty award ever in the amount of $1 million has set security researchers into a race to be the first. The target is iOS 9, and the challenge asks for a browser-based, untethered jailbreak of the operating system.

Previous bug programs have featured payout in the hundreds or even thousands of dollars, and in a handful of cases, on the order of a hundred thousand dollars. But a million bucks? That’ll buy a lot of 10-hour energy drinks.

Recommended Videos

The company behind the bounty is known as Zerodium. The startup presents itself as a zero-day vulnerability and exploit acquisition program, meaning that being on the cutting edge of vulnerabilities is critical to its business model. The company reports security information that it collects from independent researchers on to clients through a security-research news feed. This information includes analysis, documentation, and protective measures.

Related

Bug bounties have emerged as a popular way to discover vulnerabilities throughout the security community. It’s a way to accelerate the discovery of security flaws before they emerge in the wild. Zerodium is prepared to pay out a total of up to $3 million in prizes for various exploits, according to contest details explained on the company’s webpage:

The Million Dollar iOS 9 Bug Bounty is tailored for experienced security researchers, reverse engineers, and jailbreak developers, and is an offer made by ZERODIUM to pay out a total of three million U.S. dollars ($3,000,000.00) in rewards for iOS exploits/jailbreaks.

There’s a catch however — a deadline of 6 p.m. on October 31, 2015 for this particular program. So crackers, get cracking.

There are numerous indicators that suggest the web engine known as Webkit will be a prime vector in the hunt for this bug; WebKit is the core rendering engine in Apple’s Safari web browser, after all. Google’s Chrome browser uses a forked version of the same rendering engine called Blink. Both Webkit and Blink have been the target of repeated research projects as it is a component that has produced a number vulnerabilities and has been a primary path to successful exploits.

Although this research is initially oriented at the enterprise, the discovery of any significant bugs will undoubtedly reach the greater community as fixes and updates emerge to address them. Just this week, news emerged about another threat to the Apple ecosystem in the form of malware-compromised apps that had to be taken offline.

Editors' Recommendations

Topics
John Casaretto
John Casaretto
Former Digital Trends Contributor
John is the founder of the security company BlackCert, a provider of SSL digital certificates and encryption products. A…
The iPhone 16 Pro Max may get a very important battery upgrade
An iPhone 15 Pro Max laying face-down outside, showing the Natural Titanium color.

iPhone 16 dummy models Sonny Dickson / X

The iPhone 16 still has many months to go before its anticipated announcement in the fall, but we’ve already gotten a slew of rumors, leaks, and speculation about its specs and capabilities. One of the latest rumors about the iPhone 16 Pro Max comes from analyst Ming-Chi Kuo and it regards a new battery Apple is putting into the device.

Read more
Best Google Pixel deals: Save on Pixel 8, Pixel Buds, and Pixel Watch
The home screen on the Google Pixel 8 Pro.

If you’ve been shopping headphone deals, smartwatch deals, or phone deals and haven’t found the savings you’re looking for, we’d like to introduce you to Google’s Pixel lineup. It has a lot to offer when it comes to mobile devices, and most of them can keep up with the likes of Apple and Samsung. Many people love Google’s software ecosystem, with the various generations of the Google Pixel phone often among the best Android phones. We’ve tracked down all of the best Google Pixel deals you can shop right now. Same of the standouts are Google Pixel 8 deals and Google Pixel Fold deals, so read onward for all of the details on how to save.
Google Pixel Buds Pro -- $140, was $200

If you need new wireless earbuds, you should check out the various models of the Google Pixel Buds, particularly the Google Pixel Buds Pro currently discounted. They offer long battery life, and while they're at their best when you're connecting them to another Pixel device or an Android-powered smartphone, you can also use with with iPhones or other Bluetooth-enabled gadgets.

Read more
Best Apple Watch deals: Series 9 and Ultra 2 discounted
Someone wearing an Apple Watch Ultra 2, showing the Modular Ultra watch face.

You can find some great smartwatch deals among the current Samsung Galaxy Watch deals, Fitbit deals, and Google Pixel Watch deals, but if Apple is your brand and you’ve got good use for a smartwatch, you’re probably looking for some Apple Watch deals. The Apple Watch lineup often finds various models atop the best smartwatches, which can make it difficult to track down some savings. But we’ve managed to find some, and we’ve rounded up all of the best Apple Watch deals below. Reading onward you’ll find savings on nearly all of the current Apple Watch models, as well as some substantial savings on some refurbished models.
Best Apple Watch SE deals

The first-generation Apple Watch SE, which was released in 2020, and the second-generation Apple Watch SE, which was rolled out in 2022, are the most affordable ways of getting an Apple Watch. They don't give up too much in order to keep costs low compared to their more expensive peers though. The Apple Watch SE 2, in particular, still provides comprehensive fitness tracking features, a comfortable fit, and excellent software as it can be updated to Apple's latest watchOS 10.

Read more