Student Says the Bounty Was the Highest Amount Apple Has Ever Paid so Far
Ryan Pickren is a Ph.D. student in cyber security at the Georgia Institute of Technology. Previously, in 2019, he found some vulnerabilities that he successfully exploited, which enabled him to switch on an iPhone camera and its microphones without requiring the user to activate privacy permissions. For his efforts, he was paid a bug bounty of $75,000 from Apple. Since then, he has moved on to the Mac’s camera, and he explains below how he achieved the feat. Hacking the Mac’s camera involved finding an invulnerability in an iCloud sharing app called ShareBear. If you accept an invitation to share a document with another person, your Mac will remember that permission has been granted and will not ask again if you re-open the document at a later time. Since the file is not stored on your local storage, the owner can change it after you have accessed it. That same file’s type can also be changed, turning it into an executable, allowing malicious individuals to gain access to someone’s computer. Pickren used this idea to turn a Pages document or image into malware, and since your Mac will not as for permission again, it will happily open it, thereby granting access. In addition to hacking the Mac’s camera, Pickren also obtained access to the machine’s microphone. Unfortunately, since Apple’s green LED lights up whenever this happens, even under normal circumstances, a curious user on the other end can quickly figure out what is going on and take appropriate measures. Pickren submitted these bugs to Apple in mid-July last year, and since then, the company has patched this invulnerability. For these findings, the technology giant rewarded him $100,500 in bounty, which Pickren claims is the highest sum ever paid by the company through its security program. News Source: Ryan Pickren
