There is so much excitement around the internet today as ZERODIUM, a premium zero-day acquisition platform, have announced the biggest zero-day bug bounty program. Dubbed the Million Dollar iOS 9 Bug Bounty, they are going to pay out millions to anyone who can jailbreak the “world’s most secure mobile operating system”. ZERODIUM announced that they will pay $1 million US dollars for an exclusive browser-based untethered jailbreak of iOS 9 and we have all the details below.
As the name suggest, this bounty program is targeted towards iOS 9, which is considered to be the most secure mobile platform out there. ZERODIUM says they it will pay out 1 million US dollars to each individual or team that creates or submits an “exclusive browser-based, and untethered jailbreak for iOS 9. The jailbreak must work on all iOS devices, including the iPhone 6s, iPhone 6s Plus, iPad Air 2, and more. The last browser-based jailbreak for iOS was Jailbreak.me which was released in 2011 by Comex.
Finding exploits or bugs that will allow developers and researchers to successfully jailbreak iOS 9 might be possible but finding a browser-based exploit is unlikely and not something that is going to be easy.
According to the ZERODIUM website: “Apple iOS, like all operating systems, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigation in place, Apple’s iOS is currently the most secure mobile OS. This however doesn’t mean that it is unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”
In total, ZERODIUM will be paying out $3 million US dollars for all iOS related exploits and jailbreaks found by developers and researchers. The zero-day bounty program is open until 6pm EDT on October 31 or until ZERODIUM ends up paying the total promised prize fund to developers and researchers. You can find out more about this on the ZERODIUM website.
One last thing, ZERODIUM won’t be making the exploit public so don’t expect a release of an iOS 9 jailbreak tool for iOS devices.
No comments:
Post a Comment