Evolution of Apple Security Bounty Program
We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks. This is an unprecedented amount in the industry and the largest payout offered by any bounty program we’re aware of — and our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more than double this reward, with a maximum payout in excess of $5 million. We’re also doubling or significantly increasing rewards in many other categories to encourage more intensive research. This includes $100,000 for a complete Gatekeeper bypass, and $1 million for broad unauthorized iCloud access, as no successful exploit has been demonstrated to date in either category.
They’re referring to a Gatekeeper bypass “with no user interaction,” but I don’t really understand what that would mean. Doesn’t Gatekeeper only come into play when there is user interaction? If there’s no user interaction, that seems like it would be a zero-click exploit, which should be worth way more than $100K.
In addition to increasing reward amounts and expanding bounty categories, we’re making it easier for researchers to objectively demonstrate their findings — and to determine the expected reward for their specific research report. Target Flags, inspired by capture-the-flag competitions, are built into our operating systems and allow us to rapidly review the issue and process a resulting reward, even before we release a fix.
When researchers demonstrate security issues using Target Flags, the specific flag that’s captured objectively demonstrates a given level of capability — for example, register control, arbitrary read/write, or code execution — and directly correlates to the reward amount, making the award determination more transparent than ever. Because Target Flags can be programmatically verified by Apple as part of submitted findings, researchers who submit eligible reports with Target Flags will receive notification of their bounty award immediately upon our validation of the captured flag. Confirmed rewards will be issued in an upcoming payment cycle rather than when a fix becomes available, underscoring the trust we’ve built with our core researcher community.
A major evolution would be if Apple actually paid people who submitted bugs instead of arbitrarily deciding “nope”
The changes sound good, but this was my first thought, too. I think the problem with the bounty program wasn’t that it didn’t claim to pay enough or in enough categories. It was that Apple has a history of not counting exploits that seem like they should count, downgrading them to lower categories, delaying fixes and thus payments, and withholding payments until after being called out in the press. If you discover an exploit, it should be a no-brainer to write it up and submit it through the proper channels because you trust that Apple will take it seriously and that you’ll get paid. But that’s not the case from what I’ve seen.
Previously:
- TCC and Gatekeeper Bypasses
- No Bounty for Kernel Vulnerability
- An Examination of the Bug Bounty Marketplace
- Denis Tokarev’s Four Zero-Days
- Security Researchers Unhappy With Apple’s Bug Bounty Program
- More Trouble With the Apple Security Bounty
- Password Reset iCloud Account Vulnerability
- Sandbox Doesn’t Protect Files From stat()
- We Hacked Apple for 3 Months
- Safari Privacy Protections Bypass
- Apple vs. Security Researchers
- File System Events Privacy Protections Bypass
- KeySteal Mac Keychain Exploit
- Major FaceTime Privacy Bug
- Apple Security
Update (2025-10-15): See also: Bruce Schneier.
Update (2025-10-20): Rosyna Keller:
I’m going to write a blog post about a privacy leak Apple fixed reluctantly, didn’t get a CVE, and then Apple decided wasn’t worth a bug bounty despite the very important information it leaked.
It’s gotta be responsible to disclose it by now. But it was damn hard to find a phone that’ll run iOS 18.7, because Apple decided not to fix it there.
I only submitted one security bug. After some really stupid back and forth Apple told me that my problem was not security related. And therefore even 2 years later I can access files which are under Full Disk Access protection without having Full Disk Access. I didn't bother to report a problem with background items.
It really makes all of the restrictive security features sting all the more when you realize that, with the many missteps in their bug bounty program, and that example from Beatrix Willius being a prime example, Apple doesn't actually take security seriously. macOS prevents you from doing all sorts of things in the name of security, and yet malicious software will still be able to exploit these bugs even in up-to-date copies of macOS.
Again, I think the "security" features are just about control.
Anyone else ever get a CVE credit and not even know about it for a long time because Apple never even sent an email reply?
Not saying I deserved a million dollar bounty but my credit on a CVE indicates that contribution was worth something… a thousand dollar check would’ve been nice. They’re so fucking cheap.
@Bri Absolutely about control. It's been a long while since Apple published its "Security Guide" for Mac OS X releases for the benefit of the user seeking to reduce their attack surface; nowadays it's all about security by obscurity, in the model of iOS. Users, developers and security researchers, all alike, are treated as the enemy within, to be vanquished by all means necessary, unless and until they can be seen as a potential sacrifice to the angry God of mammon, in which case they are to be carefully controlled, bound by contract and potential loss of livelihood, to serve The Master on pain of furious retribution in case of sedition.
@ObjC4Life TBH I was very surprised when they got in touch with me about my AirPort firmware issue, far beyond the 3 month deadline I'd set them, to ask who they should give credit for the low-attack-complexity vuln I'd reported. Nice to see my name in print, I guess?