SoylentNews

fliptop [soylentnews.org] writes:

Exploit acquisition firm Zerodium [zerodium.com] is offering a $1 million bounty for an exclusive, browser-based, and untethered jailbreak [zdnet.com]:

...the exploit/jailbreak must include a chain of iOS 9 exploits which bypass all mitigation systems including ASLR, sandboxes, code signing, and bootchains, and must lead to and allow "a remote, privileged, and persistent installation of an arbitrary app" on a fully updated iOS 9 device.

Zerodium wants the initial attack vector -- the place where exploits can be served -- to be a web page targeting the mobile versions of the Safari or Google Chrome browser, a web page targeting an application reachable through the browser or either an SMS/MMS message.

"The whole exploitation/jailbreak process should be achievable remotely, reliably, silently, and without requiring any user interaction except visiting a web page or reading a SMS/MMS (attack vectors such as physical access, Bluetooth, NFC, or baseband are not eligible for the Million Dollar iOS 9 Bug Bounty. Zerodium may, at its sole discretion, make a distinct offer to acquire such attack vectors)," Zerodium states.

The competition is open until 31 October.

Original Submission