Apple has become the latest company to bow to the wisdom of the crowd for its security needs with the launch of a new Bug Bounty programme.
It’ll pay up to $200,000 to people who find vulnerabilities in its software, which, if found by the wrong people, could allow hackers to steal user data or take out its systems.
Apple’s head of security engineering, Ivan Krstic, made the announcement at security conference Black Hat, where hackers show off their latest efforts to get in where they shouldn’t be able to.
His bio on Twitter simply reads ‘danger is funny’, a sentiment that isn’t out of place among those engineers who take joy in breaking things.
The tech giant joins hundreds of other companies, both in tech and outside, that are appealing to the hacker community to help them test the robustness of their digital platforms.
Some give cash rewards, others more of a pat on the back, with many programmes modelled on Netscape’s 1995 effort to find bugs in its Navigator 2.0 browser.
There’s even a Silicon Valley-based, venture capital-backed company that’s tracking this growing market.
Bugcrowd’s 2016 State of Bug Bounty report says: “What we’re witnessing right now is the maturation of a model that will fundamentally change the way we approach the security, trust and safety of the internet.”
Public programmes are just the tip of the iceberg, as many companies are starting to hire hackers-as-a-service to help them out as and when they’re needed.
Here are the State of Bug Bounty report’s six top security trends.