In-brief: Apple announced on Thursday that a new bug bounty program would pay researchers up to $200,000 for information on flaws in its iOS mobile operating system and iCloud service, joining the ranks of technology firms that offer cash for information on software vulnerabilities.
iOS
Fiat Chrysler Launches Public Bug Bounty – But It’s Not All That
In-brief: Fiat Chrysler Automobiles (FCA) has unveiled a public “bounty” program that will pay security researchers up to $1,500 dollars for information on vulnerabilities in software used in conjunction with the company’s vehicles. Don’t get too excited.
Google: Lessons of Android Shape IoT Vision
In-brief: A prominent Googler says the company is committed to keeping the Android operating system open source, but wouldn’t mind the security benefits that come with Apple’s closed iOS ecosystem, either!
Update: Hello Barbie Fails Another Security Test
In-brief: The security firm Bluebox says the mobile applications used with Hello Barbie contain security flaws that could lead to the theft of passwords and other information. Update: this story was updated to include comment from Bluebox and ToyTalk. PFR 12/4/2015
Firm: Two iOS Exploits Could Qualify for $1 Million Bounty
In-brief: One team qualified for the $1 million bounty for a working, remote exploit or jailbreak for devices running Apples iOS 9 operating system, according to the security firm Zerodium. A second may also qualify for at least a partial bounty. However, Apple may only be informed of the holes at a later date.