Hack iOS 10, Get $1.5 Million
Reader Trailrunner7 writes: The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10. The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company has a set of standing prices for the information it will buy, which includes bugs and exploits for iOS, Android, Flash, Windows, and the major browsers, and the top tier of that list has been $500,000 for an iOS jailbreak. But that all changed on Thursday when Zerodium announced that the company has tripled the standing price for iOS to $1.5 million.
No problem! (Score:2)
Just give me the source code first! :)
Re: (Score:2)
I was hoping for the code for those cool new looking notifications on the iPhone lock screen... but I guess PHP or OpenSSL could suffice...
I have a sneaking suspicion (Score:2)
that gov't intelligence services are putting up that money.
Re:I have a sneaking suspicion (Score:4, Insightful)
The question is: which ones?
CIA? NSA? FBI?
KGB?
Re: (Score:3, Insightful)
Short answer: ALL of them. Governments are become the Great Enemy.
Re: (Score:2)
Those are just the lesser branches of government. The parent government of all them wants it.
All of them (Score:2)
obviously.
It doesn't even matter since they will share/steal from each other anyway.
Re:I have a sneaking suspicion (Score:5, Informative)
It's pretty obvious that some of their customers are governments. Who else would be interested in Tor Browser exploits:
https://www.zerodium.com/image... [zerodium.com]
Re: (Score:2, Insightful)
Why wouldn't they? At a minimum, modern governments have an obligation to protect their constituents from espionage, and in some cases that means using software exploitation to gain the upper hand.
If the goal is to protect constituents from espionage, I argue that they'd be more effective in this task if they took exploits to the various vendors and convinced/helped them close the holes.
Get ready for the bidder show off (Score:2)
Spoiler alert: the bad guys will win, as buying exploits is the only way they can do their business, while Apple still sells iPhones when there is a super secret vulnerability that gets used three times and that's it. They don't really care and only do the bug bounty program for PR reasons. And you can make more money with breaking into stuff than with selling stuff. Just look at the recent heists where part of the attack was social engineering, part of it was to manufacture emails to look like coming from m
Sell your soul (Score:4, Insightful)
If you sell to them, you're a weapon dealer of the shadier kind. You'll help oppressive regimes to jail dissidents.
Re:Sell your soul (Score:4, Insightful)
At least until Apple patches the flaw. In the meantime, it's amazing how a large stack of cash can assuage one's guilt.
Is this proof (Score:2)
Is this proof of iOS's security or does this correlate with the value of the holders of the iPhones? I could see it either way or both.
The harder a platform is to crack, the higher the value of the exploit. But only if the users of that platform are valuable or there are economies of scale in play.
iPhone is certainly not the most widespread platform, so then it must be the value of the targets... right?
Re: (Score:2)
Is this proof of iOS's security or does this correlate with the value of the holders of the iPhones?
It's both. Apple has apparently hardened devices that are popular with high value targets to the point where remote exploits are now costly to obtain. The market is factoring in both of these properties.
Re: (Score:3)
Then you look at the bottom of the list, and see how little they'll pay for exploits of pretty much ANY web-content management system (Drupal, Joomla, WordPress)... and, if you're unfortunate enough to be responsible for any of these, you go weep softly in a corner somewhere.
How secure is Apple itself? (Score:4, Insightful)
Given the FBI complaining about its encryption, this bug bounty, etc., the general impression (and yes, it might be wrong) is that the iOS platform is pretty secure.
So how secure is Apple in terms of physical security, employee security, etc?
You would think the next level of attack would be the HQ itself -- getting somebody inside, either secret agent style or compromising an Apple employee somehow.
Are people who work on iOS device security watched 24/7 by security themselves? Do they work in some kind of high security vault? Is the guy pushing the mail cart actually a deep cover FSB agent?
If you work for Apple on iOS security do you think twice when some pretty girl at the bar starts talking to you, especially if she says her name is Natasha?