In August 2016, Apple’s head of security Ivan Krstic stole the show at one of the biggest security conferences in the world with an unexpected announcement.
“I wanna share some news with you,” Krstic said at the Black Hat conference, before announcing that Apple was finally launching a bug bounty program to reward friendly hackers who report bugs to the company.
The crowd erupted in enthusiastic applause. But almost a year later, the long-awaited program appears to be struggling to take off, with no public evidence that hackers have claimed any bug bounties.
And at the core of it all:
The iPhone’s security is so tight that it’s hard to find any flaws at all, which leads to sky-high prices for bugs on the grey market.
The question is, are the bugs valuable enough for Apple to raise their bounties to compete with the grey market?