Apple is expanding its bug bounty program
to solicit security vulnerabilities from security researchers. The program will now be open to all, not just researchers on pre-approved list. The bug bounties have also increased from $200,000 to as much as $1 million for the most serious bugs, such as hacking the kernel - the core of any OS - with zero clicks required by the iPhone owner. Another $500,000 will be given to those who can find a "network attack requiring no user interaction." There's also a 50% bonus for hackers who can find weaknesses in software before it's released. Apple is also extending the program to watchOS. The announcements were made in a talk by Apple's head of security engineering Ivan Krstic at the annual Black Hat conference. Krstic said the bug bounty program has been a success to date, with 50 serious bugs reported since the 2016 launch.