With every update made to iOS, Apple tries to make it more secure than before, such as by closing existing vulnerabilities, and beefing security at the same time. However no software is 100% secure as there will always be someone who can eventually figure out a way to get in, but that’s kind of the whole point of these updates anyway.Recently exploit broker Zerodium has announced that they are willing to pay up to $1.5 million if they could be presented with a zero-day exploit that will work against fully-patched iPhones and iPads. This is a lot of money as prior to this, the group was paying out $500,000. This is also about 7.5 times more than what they are paying for Android exploits which is at $200,000.
Speaking to ArsTechnica, Zerodium’s founder Chaouki Bekrar said, “Prices are directly linked to the difficulty of making a full chain of exploits, and we know that iOS 10 and Android 7 are both much harder to exploit than their previous versions. That means that iOS 10 chain exploits are either 7.5 x harder than Android or the demand for iOS exploits is 7.5 x higher. The reality is a mix of both.”
It will be interesting to see who can claim the bounty, although it seems that it will be quite hard as the exploit needs to work pretty much flawlessly, but if anything we guess it’s good since if an exploit worth $1.5 million is found, it’s definitely one that needs to be fixed, although given that Zerodium seems to deal more with government agencies than the companies themselves, hopefully Apple will be able to stay on top of it.