Google’s security researcher has discovered major bugs in Apple’s mobile OS. The security researcher has challenged Apple to donate millions of dollars in charity for exposing these bugs.
Ian Beer, a security researcher from Google Project Zero has discovered major bugs in iOS. Recently reported bugs by Ian Beer can fetch $1.23 million in bounties from Apple. However, since Apple’s bounty program is invite-only, he cannot claim the bounty. Beer has asked Apple to donate this well-deserved bug bounty to charity.
The security researcher works in Google’s Project Zero, which was introduced to find bugs in software built by other companies. Google developers have found a great number of bugs in iOS. Ian Beer has offered Apple 90 days of time to fix the bugs before they would be publicly disclosed.
While Apple has fixed these bugs, Ian Beer claims that the company has done a bad job of fixing them. Ian Beer announced his findings in a presentation during annual security convention called Black Hat. Beer has been working towards finding iOS bugs from a very long time. His well-deserved bug bounty amounts to $2.45 million.
The security researcher has been finding and reporting the bugs to Apple since 2015. However, he has not been invited to join Apple’s bug bounty program (which is invitation-only). The program was announced in 2016, Beer had reported over 30 bugs by then. The security researcher wants Apple to donate the deserved amount to a human rights organization, Amnesty International.
While Ian Beer is part of Google’s Project Zero Team, it is unknown as to why he went public with his remarks about Apple. He has openly slammed Apple at Back Hat conference in Las Vegas. Apple has not made any official statement about Beer’s claim for bounty. The Google Hacker has not publicly disclosed the identified vulnerabilities but he has reported them to Apple.
Apple’s bug bounty program allows the select security researchers to claim bug bounty. The same researchers can earn more than Apple’s $200,000 bounty by selling these reports to the governments or third-party firms. These bounties can go up to $3 million if they are day-zero exploits in iOS or macOS.