
New Study Says Apple Pays Five Times More Than Samsung For Detection Of Vulnerabilities Across Its Devices

A new study is shedding light on some of the biggest tech companies and the number of payments they make to help detect vulnerabilities.

And you just might be surprised to learn how Apple leads the race, paying up to five times the amount laid out by Samsung.

The Cupertino company runs a bug bounty program that helps secure Apple’s devices from potential risks and any exposed vulnerabilities. But you’ll be a little amazed to learn how the program still comes with some major flaws.

At the same time, the report also highlights how researchers taking part in the program continue to slam Apple for failing to give them enough credit when zero-day flaws get reported.

This new study was recently carried out by Atlas VPN and it hinted at how Apple can pay huge amounts of money that range anywhere from $100,000 to $1 million to get qualified exploits. On the other hand, we see Samsung rolling out payments that range between $200 and $200,000. Yes, the difference is huge!

When looking at other tech giants in the business who try to offer similar protection, Huawei was seen sending payouts worth $200 to $224,000 if any vulnerabilities were detected across their electronic devices.

Atlas VPN has hinted that all of the stats obtained were taken through data that can be accessed publicly regarding leading phone and electronic manufacturers. Therefore, it’s amazing to see the stark contrast in prices that such tech giants end up paying to find vulnerabilities across their products.

But it’s not how much Apple is paying that has many tech experts and analysts concerned. It’s the simple fact that the bug bounty system it uses has many people second-guessing their decisions.

In 2017, we saw reports that spoke about how the program was involved in plenty of controversies. Other than that, researchers started to reach out about complaints regarding low payments when discoveries had been made.

After seeing the overall response and how security researchers were getting worked up with Apple, the tech giant knew the time had come to hire someone new to take charge of the program.

There was another historic controversy surrounding Apple where one iOS engineer says he told the company of several bugs but they failed to make any payments. Thankfully, the engineer named Tian Zhang had blogged about his discoveries and documented them for future reference.

According to him, Apple continued to extract information about bugs and even fixed them in their systems but failed to give credit where it was mostly due. Instead, they kicked him out of the firm’s developer program.

Not long before that, another report had been published about a similar experience faced by another researcher, who assisted Apple in finding bugs such as zero-day flaws, which Apple noticed and fixed immediately without any acknowledgment. There were also many similar flaws in iOS 15 that Apple had to address immediately.

