立即打开

苹果悬赏100万美金 邀请黑客找产品漏洞

Apple Offers $1 Million to Anyone Who Can Break into iPhone

苹果悬赏100万美金 邀请破解者来找漏洞

Apple says it will pay $1 million to any researcher who can successfully break into an iPhone. Other technology companies are also offering big payments for people to identify serious security threats in an effort to prevent major internet attacks.

苹果公司宣布将为能成功破解iPhone手机的研究员提供100万美元奖金。其他科技公司也为发现严重安全威胁者提供了大额奖金,以防止重大网络攻击。

A company official recently announced the new reward at a yearly security conference in Las Vegas.

苹果公司一名官员最近在拉斯维加斯举行的年度安全大会上,宣布了这一新悬赏计划。

The Black Hat conference is attended by many security researchers who attempt to hack the computer systems of companies and governments. The researchers seek security weaknesses that need to be fixed to prevent outside attackers from breaking into systems and devices.

黑帽安全技术大会的与会者包括众多试图入侵企业和政府计算机系统的安全研究员。研究员寻找需要修复的安全漏洞,以防止外部攻击者入侵系统和设备。

Apple's $1 million offer is thought to be the largest reward promised by a major technology company to defend against internet attacks. The announcement came from Apple's Head of Security Engineering and Architecture, Ivan Krstic.

苹果为此悬赏100万美元,这被认为是大型科技公司为抵御互联网攻击所承诺的最高奖励。这一计划由苹果公司安全工程和架构部门负责人伊万·克里斯迪克宣布。

The $1 million reward will be paid to any researcher who meets Apple's conditions for gaining full access to an iOS device without assistance from the owner, the website AppleInsider reported.

苹果公司提出的条件是,任何人只要未经手机持有者的协助就能访问IOS设备,就能拿到100万美元奖金。据苹果内幕网站报道。

Such a takeover of an iOS device has proven to be extremely difficult for hackers as well as law enforcement organizations.

事实证明,对黑客和执法机构来说,控制IOS设备是非常困难的。

The reward is a new part of Apple's Feedback Assistant program. The program is a way for developers to send "bug reports" about programming problems and possible security threats.

奖金是苹果公司推出的反馈助手计划的最新内容。该计划是开发人员发送涉及程序问题和潜在安全威胁的“漏洞报告”的一种方式。

Apple began offering money rewards of up to $200,000 in 2016 to researchers for high quality bug reports. During comments to the conference, Krstic said since that time, the company had received "over 50 useful reports," PC Magazine reported.

苹果公司在2016年开始为提交高质量漏洞报告的研究员提供高达20万美元的奖金。据《个人电脑》杂志报道,克里斯迪克在大会上发表讲话时表示,自2016年以来,苹果公司已收到了“超过50份有用报告”。

Other rewards include $500,000 for gaining "high-value user data" over a network without user involvement. A successful "user data extraction" could pay a researcher $250,000, while gaining basic access to a locked device could bring $100,000.

其他奖励包括,在用户未参与的情况下通过网络获得“高价值用户数据”的研究员可得到50万美元奖金。成功进行“用户数据提取”的研究员可获得25万美元奖金,而掌握上锁设备基本访问权的研究员可得到10万美元奖金。

In addition to the larger top rewards, Apple also introduced other changes to the program. One difference is that the reward will be offered to all security researchers who wish to take part. In the past, the researchers were selected and invited by Apple.

除了提高奖励的金额外,苹果公司还对这项计划进行了其他更改。其中一个变化是,奖励面向所有希望参与其中的所有网络安全员。以前,苹果公司会挑选和邀请研究员来寻找漏洞。

In addition, rewards will now be paid to people identifying security issues with systems beyond iOS, related to the iPad, Apple Watch and iCloud.

另外,除了iOS系统外,在iPad、Apple Watch和iCloud等相关系统发现安全问题的研究员也能得到奖金。

Also at the Black Hat conference, Microsoft announced its own new program designed for researchers to test security. The program is called Azure Security Lab. With its launch, Microsoft also announced increases in its top rewards for bug reporting.

微软也在黑帽安全技术大会上宣布了一项旨在让研究员测试安全性的新计划。这项计划名为Azure安全实验室。推出这项计划后,微软还宣布将增加漏洞报告的最高奖励金额。

The company says the Azure Security Lab will give researchers the chance to create possible hacking incidents that could be attempted by criminal attackers in the real world. Tests are to be carried out in a controlled, secure environment without the possibility of causing real harm, Microsoft says.

微软公司表示,Azure安全实验室使研究员有机会创造可能的黑客入侵事件,这些可能是罪犯在现实世界会尝试的攻击。微软表示,测试将在可控且安全的环境下进行,不会造成真正的伤害。

Azure is Microsoft's cloud services operation. The lab will permit researchers to look for security weaknesses and attempt to launch attacks on the system. The company says the lab will also offer specific challenges to researchers that will pay top rewards up to $300,000.

Azure是微软公司的云服务操作平台。该实验室将允许研究员寻找安全漏洞,同时试图对系统发动攻击。微软表示,实验室还将为尝试特定挑战的研究员提供最高30万美元的奖励。

Microsoft said in a statement it had paid researchers a total of $4.4 million in rewards during the past year for identifying serious security issues.

微软公司在声明中表示,在过去一年中,微软已经为发现严重安全问题的研究员累计发放了440万美元奖金。

Last month, Google announced it had paid researchers more than $5 million since 2010 "for finding and reporting security bugs that help keep our users safe." The company said its rewards program had resulted in more than 8,500 individual bug reports.

谷歌公司上个月宣布,自2010年以来,公司已为研究员支付了超过500万奖金,这些研究员“发现并报告的安全漏洞有助于确保谷歌用户的安全”。该公司表示,其奖励计划收到了超过8500份个人漏洞报告。

In addition, Google announced large increases for the security reporting rewards it offers. The highest amount for basic reports received was tripled to $15,000, while payments for some "high quality" reports doubled to $30,000.

除此之外,谷歌还宣布将大幅提高安全报告的奖金金额。基本报告的最高奖金将增加三倍,达到1.5万美元,同时“高质量”报告的奖金将翻倍,达到3万美元。

I'm Bryan Lynn.

布莱恩·林恩为您播报。

打开APP阅读全文