All Articles

iOS Security Is Fucked

Five years ago, Zerodium offered a $1m reward for a browser-based, untethered jailbreak in iOS 9. On Wednesday, the software exploit broker said it won’t pay anything for some iOS bugs due to an oversupply.

“We will NOT be acquiring any new Apple iOS LPE [local privilege escalation], Safari RCE [remote code execution], or sandbox escapes for the next two to three months due to a high number of submissions related to these vectors,” the company said via Twitter. “Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future.”

According to the firm’s most recent price list, Safari RCE+LPE bugs had been eligible for payments of up to 500,000.Amorecomprehensiveexploit,likeazeroclickiOSFCP[fullchainwithpersistence]flaw,shouldstillqualifyforapayoutofupto500,000. A more comprehensive exploit, like a zero-click iOS FCP [full chain with persistence] flaw, should still qualify for a payout of up to2m, if the company accepts it.