iPhones are best known for the top-notch security system integrated under their expensive metal shells, which arguably is one of the best in class. However, as good as the systems are, and as hard as it may be to break into them, they are not invincible.
Exploit acquisition firm Zerodium is out to put these systems to the test as it offers $3 million to takers in return for exclusive zero-day vulnerabilities for iOS 9.
Zerodium is a company which deals in zero-day vulnerabilities, hacks and exploits, providing them to major corporations which are usually interested in plugging the leaks in their systems, in return for hard cash. Some of its clients also include government organizations in need of customized security systems.
The company has now turned its attention to the newly released iOS 9 with its Million Dollar iOS 9 Bug Bounty. It is inviting security researchers and jailbreakers from around the world to help it discover hacks and zero-days in the OS, and is offering massive amounts of money ($1 million per person/team that discovers a hack, to be exact) to the winners.
Now, what are zero-day vulnerabilities, you might ask? The name originally referred to attacks meant to take advantage of a security vulnerability on the same day that the vulnerability becomes generally known, before the target is even aware of the loophole. Here, however, the term simply refers to a previously unknown, unpublished, and unreported vulnerability.
In a post on the topic, the company said,
“Apple iOS, like all operating systems, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS. But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”
Apart from the all-important requirement of “zero-day”, the company has also introduced some additional clauses of its own. The submission, which must be made before October 31st, 2015 at 6:00 p.m. EDT, must contain details (including the source code, if any) of the hack, which “are combined to bypass all iOS 9 exploit mitigations including: ASLR, sandboxes, rootless, code signing, and bootchain.” The jailbreak must also allow a remote user to install an arbitrary application on an up-to-date iOS 9 device.
Also, the attack vector must not be one that necessitates physical contact with the device. As per Zerodium, the vector must allow infiltration via a web page targeting the browser or any other app installed on the device, or via a text message and/or a multimedia file that can be made to reach the target device through an SMS or MMS.
Those are certainly a lot of rules to follow. However, given the amount of money that Zerodium is offering, security researchers all over the world with an interest in this sort of thing are probably racking their brains as we speak. The company is offering 3 million dollars in 3 separate prize pools of $1 million each. Also, while partial or incomplete exploits/jailbreaks are not eligible for the main prize, Zerodium may choose to purchase rights to them too.
As to what the company is planning to do with all this data, we get a hint from the following statements:
“All submissions must be made exclusively to Zerodium and must include the fully functioning exploit and its source code (if any), and a detailed whitepaper describing all the zero-day vulnerabilities and techniques used in the jailbreak.”
“Payment of the Million Dollar iOS 9 Bug Bounty by ZERODIUM to a researcher (individual or team) constitutes a purchase of the exclusive rights to the submitted exploit(s), jailbreak(s), and all related vulnerability information.”
Since the submission is to be exclusive, Zerodium would get exclusive rights to the hack, to do with as it wishes. The company will probably look to make a tidy profit by selling these hacks to corporations and governments interested in this sort of thing. In fact, if something of the sort is actually discovered, Apple may exhibit some interest in purchasing it and plugging the leak in its security system.
That being said, we should stress again that bypassing the iPhone’s security systems is no piece of cake. Speaking for myself, I would confess myself surprised if someone actually manages to do it. However, the world is a big place and not all geniuses are sitting behind desks, coding away for corporations. For all we know, someone may manage to crack the code and take the $1 million bounty home, from his basement.
We will be keeping a very interested eye on the scenario, as Apple’s latest (and best) iOS 9 is put to the test against the rest of the world. Stay tuned!