Apple is giving out a special iPhone that can lead to a $1 million reward

Apple is giving out a special iPhone that can lead to a $1 million reward
According to Wired, Apple is giving out special versions of the iPhone to security researchers who have the opportunity to collect as much as $1.5 million from Apple. Announced last week at the Black Rock cybersecurity conference in Las Vegas (where ironically Apple earlier this year put up a billboard reading "What happens on your iPhone stays on your iPhone"), the tech giant is giving these experts the task of hacking into the iPhone to find vulnerabilities and security flaws. Apple security chief Ivan Krstic says that these special iPhones come with "advanced debug capabilities." Unlike the units sold to consumers, these will allow researchers to access parts of iOS that are off-limits to most users.

The so-called iOS Security Research Device Program will get underway next year and while anyone can apply to receive one of the special iPhone units, Apple says that there will be a limited amount handed out. Most likely only qualified security researchers will be able to obtain one of these devices. Even though they will be much more open than a store-bought iPhone, the researchers won't have the same access that Apple's own internal security team has on their iPhones.

Apple is paying a 50% bonus to researchers who find a vulnerability in beta code

Companies like Apple and Google pay these researchers to find flaws as an incentive. In addition, Apple would prefer that a security expert who finds a vulnerability tell the company about it instead of selling it or using it for their own evil intentions. Flaws found on iOS are said to bring researchers as much as $1 million from hackers willing to pay that much. Apple announced last week that a researcher can receive $1 million by finding a flaw allowing him or her to take over full control of an iPhone without the owner touching the handset. Other flaws can also handsomely reward a researcher as Apple is willing to pay up to $500,000 for the information. Google announced last month that it will pay up to $30,000 to a researcher finding flaws in its Chrome browser while paying $150,000 if it is told about a flaw that can compromise its Chrome OS.

Researchers who find a vulnerability in code found on beta software will receive a 50% bonus from Apple. That is to reward an expert who has identified a problem before the bug is passed along to the public, and brings the top possible award handed out by Apple to $1.5 million. As the company's security chief points out, "The second-best reason to have a bug bounty is to find out about a vulnerability that’s already in the users’ hands and fix it quickly. The number one best reason is to find a vulnerability before it ever hits a customer’s hands."

Apple's new program might have received more applause if it wasn't for the limited number of special iPhones it is handing out. As iOS security researcher Will Strafach noted, "It's a huge step, but I do think it would be great if there were a bit more wide availability of the devices." Apple might be concerned that the wider availability of these units might lead to several ending up in the wrong hands, creating more problems for the company. Still, with all this money at stake, regular iPhone owners should benefit from the incentives that Apple is throwing at security experts.



1. cmdacos

Posts: 4334; Member since: Nov 01, 2016

Project Zero team is in for a pay day.

4. Back_from_beyond

Posts: 1475; Member since: Sep 04, 2015

Or if you really wanna cash in, sell it to companies that make hacking iPhones their business. This clearly had to do with iPhone security really not being as good as Apple has been claiming, with multiple reports over the last year making that painfully aware to the public.

12. lyndon420

Posts: 6897; Member since: Jul 11, 2012

Odd how this $1,000,000 reward program suddenly emerged after Google exposed numerous flaws with iOS...and some are over 4 years old.... "What's on your the sole property of the are not safe despite our best efforts to elude you...!!”

18. oldskool50 unregistered

Spoken like a true champ!!!!

3. Wazupmrg

Posts: 199; Member since: Apr 10, 2017

Lol I get a warning for saying something that offended a fan boy. Shows how delicate they are. And for the record, this post is NOT in violation of any rules here.

5. ivan.k

Posts: 41; Member since: Jan 29, 2014

OK, I'll answer you here, so more people can see what is the problem with your post ( and other posts like this )! Warned you for "Too bad the phone will still suck. " - if you have information or some reasonable opinion, you give it, is good for the community and for REAL discussion. But these words, thrown like this are the reason behind more trolling, more insulting and more flame wars. And that is not OK. Have a nice day!

6. mootu

Posts: 1541; Member since: Mar 16, 2017

And yet iloveapps (peaceboy) puts up multiple troll posts every day and nothing happens. Have a nice day!

7. ivan.k

Posts: 41; Member since: Jan 29, 2014

He receives regular warnings, as most of the users who are trolling. Have a nice day!

11. mackan84

Posts: 647; Member since: Feb 13, 2014

Nobody will learn from this. Have a nice day!

19. oldskool50 unregistered

Yet he is here every single day. Yeah we know better. If the real trolls are never banned or blocked, we know there can only be 1 of 2 reasons. 1...either they are one of you guys 2...or yo8 like the fact they make the site seem busy.

23. ivan.k

Posts: 41; Member since: Jan 29, 2014

Busy with what? You think irrelevant comments, insults and trolling is good for the site? Think again... You're also here every day... and sometimes you get warnings too...

24. midan

Posts: 3131; Member since: Oct 09, 2017

It's funny how you don't see problems with your own comments, but that really doesn't surprise me at all First of all you really should look the tone of your messages and how you talk to other people, it's crazy to think that you are 50, where is your manners? Have you been like that your whole life, or what made you like that?

25. ivan.k

Posts: 41; Member since: Jan 29, 2014

What is the problem with my comments? I answer, ask questions, and also give reasons for my action and opinion. Wazupmrg post publicly his frustration for my warning and I give my point of view....what is wrong with that?

26. midan

Posts: 3131; Member since: Oct 09, 2017

Who you replied? i've said it earlier that this new comment section is bad when it came, because it's hard to track who replies to who because messages aren't going to right places. I replied to oldskool50 not to you. Your comments are great and i hope you guys would start to do more to make these comment sections to good place for tech people to visit.

27. ivan.k

Posts: 41; Member since: Jan 29, 2014

Sorry midan, my bad. Didn't realize you are answering to oldskool50. And yeah, the comments structure is awful...but we are working on it.

16. cmdacos

Posts: 4334; Member since: Nov 01, 2016

I found his comment to actually be relevant for me as a part of this community. I only assumed the phone would still suck but he appears to have some facts that confirms my assumption. I appreciate his comment.

13. lyndon420

Posts: 6897; Member since: Jul 11, 2012

It happens. Sometimes they'll shut down the entire comment section if things start leaning a little too much towards the right... ...the left can't handle true debate/freedoms...

14. lyndon420

Posts: 6897; Member since: Jul 11, 2012

@Wazupmrg... Are you sure you offended a fanboy?? Because it's usually the fruit loving crowd that suddenly feels threatend and triggered....they resort to insults, and sometimes sexual references..,!?!

20. oldskool50 unregistered

Because we know bugs and security issue will always be a problem, because software I'd always work in progress. We accept it as a part of life, just like the fact we know if you live long enough, you're going to die. But they use it for their smear campaign, because they are ignorant and arent here to enjoy tech. They are like a lot of groups in this country. They just want attention, because the world basically ignores their pointless existance.

8. OneLove123

Posts: 1268; Member since: Aug 28, 2018

How come you guys haven't talked about 1.4billon iOS users can be hacked thought their contacts app? Ahahaha

9. OneLove123

Posts: 1268; Member since: Aug 28, 2018


10. Georgio

Posts: 304; Member since: Nov 21, 2016

No...That was one of your dreams ; not the reality. hahaha

17. OneLove123

Posts: 1268; Member since: Aug 28, 2018

Well, guess what? It is reality.

15. cmdacos

Posts: 4334; Member since: Nov 01, 2016

You know exactly why ;)

21. Alcyone

Posts: 584; Member since: May 10, 2018

Glasses, white paper and black tape with 120 seconds. I do believe thats all they used, along wirh the subject. Google "Black Hat 120 second iphone" Improbable? Yes. Impossible? No Nothing hardware, nor aoftware is impenetrable.

28. nwuhwpzt

Posts: 1; Member since: Aug 12, 2019

it's Black Hat, not Black Rock

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless