Apple’s payout to a 14-year-old proves we can all be ‘bug bounty hunters’

Apple paid out a reward to a 14-year-old kid who happened to spot a problem with their software, offering a preview of future ‘bug-bounty’ programs.

Last week, Apple decided to pay out a reward (of an undisclosed value) to the 14-year-old who discovered a major security flaw in FaceTime.

For years, tech companies like Apple and Google have paid programmers for catching software glitches as part of their “bug bounty” programs. But Apple’s move shows that bug bounties aren’t just for world-class security researchers any more.

Everyone is a bounty hunter now

Grant Thompson isn’t a world class programmer: He’s a student at Catalina Foothills High School.

But when he discovered that Apple’s new FaceTime update enabled users to eavesdrop on their friends, he decided to report the problem to Apple.

In the past, Apple ran a program that offered up to $200k to “security researchers” who discovered and reported vulnerabilities. But now, Apple has decided that even amateur bug hunters like Grant should be entitled to compensation.

Two ways to tackle cybersecurity

Large tech companies are looking for new ways to deal with increasingly complex cyberfraud. One solution is to hire huge cybersecurity companies to tackle cybercrime from the top: Spending on top-down information security is expected to hit $124B this year.

But companies are also taking on cybercrime from the bottom up by offering bounties to individuals who point out problems. Google, for instance, paid out $3.4m just last year to bug-hunters.

Since cybercrime isn’t going anywhere, bug bounty-hunting is likely to increase — and more high-schoolers will probably be doing the bug-squashing.

Get the 5-minute roundup you’ll actually read in your inbox​

Business and tech news in 5 minutes or less​

Psst

How'd Bezos build a billion dollar empire?

In 1994, Jeff Bezos discovered a shocking stat: Internet usage grew 2,300% per year.

Data shows where markets are headed.

And that’s why we built Trends — to show you up-and-coming market opportunities about to explode. Interested?

[class^="wpforms-"]
[class^="wpforms-"]
[email-submission-form button-text="Join Free" include-trends-opt-in="true" success-url="https://thehustle.co/signup" default-source="thehustleco" default-medium="home-exit-popup" default-campaign="home-page" form-id="exit-popup-general" optinmonster-conversion="true" redirect-after-signup="https://thehustle.co/thank-you-hub/"]
<script type="text/javascript"> var onloadCallback = function() { grecaptcha.render('verify-your-humanity', { 'sitekey' : '6LdddrcZAAAAALyttpvOqiwQGwq5BNhgDz4tMQGE' }); }; function getCookieValue(a) { var b = document.cookie.match('(^|[^;]+)\\s*' + a + '\\s*=\\s*([^;]+)'); return b ? atob(decodeURIComponent(b.pop())) : ''; } function getCookie(name) { var cookieArr = document.cookie.split(";"); for(var i = 0; i < cookieArr.length; i++) { var cookiePair = cookieArr[i].split("="); if(name == cookiePair[0].trim()) { return decodeURIComponent(cookiePair[1]); } } return null; } function setHiddenFieldValue(wrappingDiv, searchParams, className, utmName, cookieName, defaultValue) { var el = wrappingDiv.getElementsByClassName(className)[0]; var existingVal = el.getAttribute('value'); if (utmName == 'ref') { var newVal = searchParams.get(utmName) || getCookie(cookieName); } else { var newVal = searchParams.get(utmName) || getCookieValue(cookieName); } if ((existingVal == null || existingVal == '' || existingVal == defaultValue) && (newVal != null && newVal != '')) { el.setAttribute('value', newVal); } } function setHiddenFieldValueFromUtm( wrappingDiv, searchParams, className, utmName, defaultValue ) { var el = wrappingDiv.getElementsByClassName(className)[0]; if (el != null) { var existingVal = el.getAttribute("value"); var newVal = searchParams.get(utmName); if (newVal != null && newVal != "") { el.setAttribute("value", newVal); } } } function initForm() { var wrappingDivs = document.getElementsByClassName('email-submission'); Array.prototype.forEach.call(wrappingDivs,wrappingDiv => { var sp = new URLSearchParams(window.location.search); setHiddenFieldValue(wrappingDiv, sp, 'funnel-source', 'utm_source', 'funnel_source', 'thehustleco'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-campaign', 'utm_campaign', 'funnel_campaign', 'home-page'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-medium', 'utm_medium', 'funnel_medium', 'home-exit-popup'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-referral', 'ref', 'funnel_referral', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-a', 'a', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-c', 'c', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-o', 'o', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-oc', 'oc', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-e', 'e', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-f', 'f', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-r', 'r', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-t', 't', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s1', 's1', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s2', 's2', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s3', 's3', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s4', 's4', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s5', 's5', ''); var error_message = getCookieValue('validate-email-message'); if (error_message && error_message.trim() != '') { var error = wrappingDiv.getElementsByClassName('funnel-error')[0]; var prev_email = getCookieValue('funnel_email'); error_message = prev_email + " is not valid. Please try again"; error.innerHTML = error_message; error.style = ''; } }); if (false) { initCaptchaFormV2(); } } function initCaptchaFormV2() { var v3RecaptchaResponseEl = document.getElementById('recaptcha-response-v3'); v3RecaptchaResponseEl.parentNode.removeChild(v3RecaptchaResponseEl); var wrappingDiv = document.getElementById('email-submission'); var subForm = wrappingDiv.getElementsByClassName('email-submission')[0]; var captchaVersion = document.createElement('input'); captchaVersion.class = 'g-recaptcha hidden-input'; captchaVersion.type = 'hidden'; captchaVersion.name = 'g-recaptcha-response-v2'; captchaVersion.value = 'true'; subForm.appendChild(captchaVersion); var captchaEl = document.createElement('div'); captchaEl.id = 'verify-your-humanity'; subForm.prepend(captchaEl); var captchaApiScriptEl = document.createElement('script'); captchaApiScriptEl.src = 'https://www.recaptcha.net/recaptcha/api.js?onload=onloadCallback&render=explicit'; captchaApiScriptEl.async = true; captchaApiScriptEl.defer = true; document.head.appendChild(captchaApiScriptEl); } function appendCheckboxes_email_submission() { var wrappingDiv = document.getElementById('email-submission'); var optInDivs = wrappingDiv.querySelectorAll('.trends-opt-in'); optInDivs.forEach(el => { el.style.display = null; if (el.getElementsByClassName('trends-opt-in-checkbox').length < 1) { var checkbox = document.createElement('input'); checkbox.setAttribute('id', 'trends_opt_in_email_submission'); checkbox.setAttribute('class', 'trends-opt-in-checkbox'); checkbox.setAttribute('type', 'checkbox'); checkbox.setAttribute('name', 'trends_opt_in'); var label = document.createElement('label'); label.setAttribute('for', 'trends_opt_in_email_submission'); label.setAttribute('class', 'trends-opt-in-text'); label.textContent = "Yes, I'd like to receive additional emails on hot business opportunities from Trends, by the Hustle"; el.appendChild(checkbox); el.appendChild(label); checkbox.click(); } }) } window.addEventListener('DOMContentLoaded', (event) => { initForm(); if (true) { appendCheckboxes_email_submission(); } }); </script> <div class="email-signup" id=email-submission> <div class="funnel-error" style="display:none;"></div> <form class="email-submission " id="exit-popup-general" action="https://cms.thehustle.co/api/v1/contacts/wordpress_create" method="post" autocomplete="email"> <div class="email-form-wrap"> <input class="funnel-source hidden-input" type="hidden" name="source" value="thehustleco"> <input class="funnel-campaign hidden-input" type="hidden" name="campaign" value="home-page"> <input class="funnel-medium hidden-input" type="hidden" name="medium" value="home-exit-popup"> <input class="funnel-form-id hidden-input" type="hidden" name="form-id" value="exit-popup-general"> <input class="funnel-referral hidden-input" type="hidden" name="referral_code"> <input class="funnel-fail-url hidden-input" type="hidden" name="fail_url" value=""> <input class="funnel-a hidden-input" type="hidden" name="a" value=""> <input class="funnel-c hidden-input" type="hidden" name="c" value=""> <input class="funnel-o hidden-input" type="hidden" name="o" value=""> <input class="funnel-oc hidden-input" type="hidden" name="oc" value=""> <input class="funnel-e hidden-input" type="hidden" name="e" value=""> <input class="funnel-f hidden-input" type="hidden" name="f" value=""> <input class="funnel-r hidden-input" type="hidden" name="r" value=""> <input class="funnel-t hidden-input" type="hidden" name="t" value=""> <input class="funnel-s1 hidden-input" type="hidden" name="s1" value=""> <input class="funnel-s2 hidden-input" type="hidden" name="s2" value=""> <input class="funnel-s3 hidden-input" type="hidden" name="s3" value=""> <input class="funnel-s4 hidden-input" type="hidden" name="s4" value=""> <input class="funnel-s5 hidden-input" type="hidden" name="s5" value=""> <input class="funnel-success-url hidden-input" type="hidden" name="success_url" value="https://thehustle.co/signup?redirect_after=https%3A%2F%2Fthehustle.co%2Fthank-you-hub%2F"> <input id="recaptcha-response-v3" class="g-recaptcha hidden-input" type="hidden" name="g-recaptcha-response" value=""> <div class="signup-icon" style="display:none;"> <svg width="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M22 6c0-1.1-.9-2-2-2H4c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h16c1.1 0 2-.9 2-2V6Zm-2 0-8 5-8-5h16Zm0 12H4V8l8 5 8-5v10Z" fill="#848B92"></path></svg> </div> <input class="signup-email" type="email" name="email" placeholder="Your email address" required autocomplete="email"> <input class="email-submit om-trigger-conversion" type="submit" value="Join Free"> </div> <div class="validate-mistake-emails-message" style="display:none;"></div> <div class="trends-opt-in" style="display:none;"></div> <div submit-success> <template type="amp-mustache"> <p class="c-message c-message--success">Thank you for subscribing.</p> </template> </div> <div submit-error> <template type="amp-mustache"> <p class="c-message c-message--failed">Your submission failed. Please try again!</p> </template> </div> </form> </div>