Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Saturday October 01 2016, @03:12AM   Printer-friendly
from the boba-fett-gonna-be-rich dept.

Zerodium is offering up to $1.5 million for an exploit against iPhones and iPads running the latest version of iOS 10, or up to $200,000 for an exploit against Android 7:

Last year, Zerodium offered $1 million for iOS exploits, up to a total of $3 million. It dropped the price to $500,000 after receiving and paying for three qualifying submissions. On Thursday, Zerodium founder Chaouki Bekrar said the higher prices are a response to improvements the software makers—Apple and Google in particular—have devised that make their wares considerably harder to compromise.

"Prices are directly linked to the difficulty of making a full chain of exploits, and we know that iOS 10 and Android 7 are both much harder to exploit than their previous versions," he told Ars. Asked why a string of iOS exploits commanded 7.5 times the price of a comparable one for Android he said: "That means that iOS 10 chain exploits are either 7.5 x harder than Android or the demand for iOS exploits is 7.5 x higher. The reality is a mix of both."


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Nerdfest on Saturday October 01 2016, @03:15AM

    by Nerdfest (80) on Saturday October 01 2016, @03:15AM (#408636)

    Doesn't he current iPhone7 jailbreak do this? Based on history, it doesn't seem like it will take long before this is collected.

    • (Score: 2) by takyon on Saturday October 01 2016, @03:18AM

      by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Saturday October 01 2016, @03:18AM (#408637) Journal

      Qualifying submission = previously unknown vulnerabilities. It also likely has to be remote, no hardware in hands / physical access jailbreak tricks.

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
      • (Score: 2) by Nerdfest on Saturday October 01 2016, @04:15AM

        by Nerdfest (80) on Saturday October 01 2016, @04:15AM (#408656)

        I bet that guy's wishing he waited. I thought there was talk of another "drive-by" jail breaking for the latest iOS.

      • (Score: 3, Informative) by mendax on Saturday October 01 2016, @05:48AM

        by mendax (2840) on Saturday October 01 2016, @05:48AM (#408667)

        I guess that leaves out using an axe.

        --
        It's really quite a simple choice: Life, Death, or Los Angeles.
  • (Score: 2) by bzipitidoo on Saturday October 01 2016, @01:30PM

    by bzipitidoo (4388) on Saturday October 01 2016, @01:30PM (#408757) Journal

    Chance there is still at least one useful exploit: 99% but going down?
    Chance you can be the first to find a useful exploit: 0.01%

    If you find something significant and report it:
    Chance you'll be fined, fired and/or imprisoned, like Dmitry Sklyarov and Jon Johansen : 5%
    Chance it will be used against people you like: 99.9%

    Cost of sample products: $1000
    Cost of other needed equipment: not much, and you already had plenty
    Hours required to study the product: 100 to 1000
    Cost/value of rising in the rankings on secret government and organized crime lists of "evil" hackers: ???

    If you aren't desperate for money, doesn't seem worth trying. Too many people still want to shoot the messenger. Too likely you'll find nothing and still end up on a few lists.