News

Teenager wants “bug bounty” from Apple

Grant Thompson, a 14-year-old American teenager who recently revealed a security bug in Apple’s FaceTime, will receive a “bug bounty” from the firm, as well as a grant to further his education. The precise amount is unknown but, in similar cases in the past, Apple has forked out roughly between $25,000 and $200,000.

This is not easy money though – the firm only pays “bounties” for five different classes of exploits, and the programme is presently only available by invitation.

This is why Apple is now being held to ransom by a German teenager who discovered a critical bug in macOS that enables hackers to access private information from the Keychain without admin privileges.

Keychain Access stores users’ passwords so that they don’t have to remember them every time they visit a network server, email account or website. This means that the bug might give access to banking, Facebook and Netflix login information, among others.

18-year-old Linus Henze recently uploaded a YouTube video in which he revealed exactly how easy it is to get a user’s login credentials from their Apple computer. In the video description, he states: “In this video, I’ll show you a zero-day exploit that allows me to extract all your (local) keychain passwords on macOS Mojave, and lower versions.”

Henze won’t reveal any details about the exploit until Apple adds MacOS exploits to its bug bounty programme, which currently only applies to iCloud and iOS vulnerabilities.

He added that he actually loves Apple products but that he would like them to be more secure – and a bug bounty programme similar to what other firms already have would be the best way to achieve this.

He was probably referring to Google and Facebook, which have paid out around $14.91m and $7.455m respectively since launching their bug bounty programmes.

Tags

About the author

Chris

I've been a passionate evangelist for Apple and the Macintosh throughout my working life, my first love was a Quadra 605 working with a small creative agency in the south of Norfolk UK in the mid 1990's, I later progressed to other roles in other Macintosh dominated industries, first as a Senior graphic designer at a small printing company and then a production manager at Guardian Media Group. As the publishing and printing sector wained I moved into Internet Marketing and in 2006 co-founded blurtit.com which grew to become one the top 200 visited sites in the US (according to Quantcast), at its peak receiving over 15 million visits per month. For the last ten years I have worked as an Affiliate and Consultant to many different business and start ups, my key skill set being online marketing, on page monetisation, landing page optimisation and traffic generation, if you would like to hire me or discuss your current project please reach out to me here.

You can also follow me on: and

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.