Reply to post:

Five bag $300,000 in bug bounties after finding 55 security holes in Apple's web apps, IT infrastructure

Dave 126 Silver badge

This story makes a good counterpart to the Reg article:

'Want to set up a successful bug bounty? Make sure you write it for the flaw finders and not the lawyers' -

This team started their search for vulnerabilities in Apple's systems without reading any detailed bug bounty documents from Apple - they'd just followed the story of a previous hacker who was awarded $100,000 by Apple, and thought they'd give it a go in good faith. They also noted that it started as a side project for them, but Covid lockdown left them with a lot more time on their hands. Their write-up (linked in this Regard article) is well worth a read ( or at least a slim, it's detailed! ), and it was published with the blessing of Apple's security team

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon