Mai bincike ya nuna rashin lafiyar Apple Security Bounty

Ángel González

3 minti

Apple Security Kyauta

La seguridad Ga Apple yana da mahimmanci, musamman la'akari da matsalolin da manyan kamfanonin fasaha ke da yawa. A gaskiya ma, muna ƙara ganin yadda software da hardware ke haɗa juna. samar da ƙarin bayani da bayanan sirri waɗanda aka adana a cikin na'urar kuma ba a cikin ayyukan Apple godiya ga fasaha kamar Secure Enclave processor. Bugu da ƙari, Apple yana da tsarin lada ga masu amfani waɗanda suka gano lahani a cikin tsarin aikin su: Apple Security Bounty. A gaskiya ma, mai amfani yana nuna rashin gamsuwa da tsarin lada yana nuna cewa yana aika bayanai game da lahani guda uku waɗanda har yanzu suna bayyana a cikin iOS 15 na tsawon watanni.

Kyautar Tsaro ta Apple: gano rashin lahani a musayar kuɗi

A matsayin wani ɓangare na sadaukarwar Apple ga tsaro, muna ba da lada ga masu binciken da suka raba tare da mu batutuwa masu mahimmanci da dabarun amfani da su. Yana da fifiko a gare mu don warware matsalolin da aka tabbatar da sauri don mafi kyawun kare abokan ciniki. Apple yana ba da karɓuwa ga jama'a ga waɗanda suka gabatar da ingantattun rahotanni kuma za su dace da gudummawar biyan kuɗi ga ƙungiyoyin agaji masu cancanta.

El Apple Security Kyauta ne mai tsarin lada cewa babban apple ya faɗaɗa a cikin 2019 da nufin barin kowane mai amfani ya aika bayanai game da su kwari da lahani a cikin tsarin aikin su. Kyautar ta kasance daga $25000 zuwa dala miliyan XNUMX dangane da tsananin raunin da aka samu.

Wani mai bincike Denis Tokarev yayi sharhi akan shafin sa na yanar gizo cewa sama da watanni 7 Apple yana da bayanai game da lahani 3 da har yanzu akwai a iOS 15:

Na ba da rahoton lahani na kwanaki 0 ​​a wannan shekara tsakanin Maris 10 da Mayu 4, kamar yadda a yanzu uku daga cikinsu har yanzu suna nan a cikin sabuwar sigar iOS (15.0) kuma an gyara ɗaya a cikin 14.7, amma Apple ya yanke shawarar rufe shi kuma kar a hada shi a cikin shafin abun ciki na tsaro.

Apple ya mayar da martani ga mai binciken watanni bayan buga labarinsa

Zuwan WWDC 2021 ya kusa

A cikin labarin, Tokarev ne ke da alhakin nazarin kowane daga cikin uku vulnerabilities. Kamar dai yadda ya gargadi Apple cewa zai yi idan ba su tuntube shi ba. Wadanda daga Cupertino sun saba wa yarjejeniyar da aka sanya hannu lokacin da ake amfani da Kyautar Tsaro ta Apple. Awanni bayan buga labarin wanda ke fallasa Apple da shirinsa, daga Cupertino sun tuntubi mai binciken:

Mun ga rubutun ku game da wannan matsala da sauran rahotanninku. Muna baku hakuri bisa jinkirin da aka samu wajen amsa muku.

Muna so mu sanar da ku cewa har yanzu muna kan binciken waɗannan batutuwa da kuma yadda za mu magance su don kare abokan ciniki. Mun sake godewa don ba da lokacin yin rahoton mana waɗannan batutuwa, muna godiya da taimakon ku.

Da fatan za a sanar da mu idan kuna da wasu tambayoyi.

Mai binciken ya ci gaba da tabbatar da hakan Saƙon Apple abin ban dariya ne musamman la'akari da cewa mai amfani daga duniyar jailbreak ya samo a mafita zuwa fa'idodi uku da Tokarev ya ba da rahoto ga Apple a cikin Maris.


Ku biyo mu akan Labaran Google

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.