'iOS security is f**ked' says exploit broker Zerodium: Prices crash for taking a bite out of Apple's core tech
2020-05-14 10:31

On Wednesday, the software exploit broker said it won't pay anything for some iOS bugs due to an oversupply.

Apple's iOS 13 has been particularly buggy, enough that SVP of software engineering Craig Federighi reportedly overhauled the company's internal software testing process to avoid a repeat when iOS 14 arrives later this year.

The market for iOS vulnerabilities took a hit last September when Zerodium said for the first time that it would pay more for flaws in Android than in iOS. That was a month after Google's Project Zero disclosed five privilege escalation exploit chains affecting iOS versions 10-12.

Asked whether Zerodium's statement reflects the actual state of iOS security or should be taken as a company just trying to make waves, Patrick Wardle, principal security researcher at Jamf Security and founder of Objective-See, told The Register that it's probably a bit of both.

"To iOS security researchers/hackers, it's unlikely that Zerodium's statement comes as a surprise," he said.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/14/zerodium_ios_flaws/