Apple runs a program called Apple Security Bounty to detect and fix vulnerabilities in the system. This program, which allows all researchers to detect and report vulnerabilities that may threaten the security or privacy of Apple users, also gives a monetary reward to the researchers who perform this detection.
Expanding the scope of the program in 2019, Apple also increased the monetary rewards. This naturally increased the interest in the program. The claim of a researcher, who stated that he had forwarded four security vulnerabilities in iOS to Apple within the scope of the program, raises doubts about the operation of the program.
Only one of the four bugs has been resolved:
The person who made the vulnerability notifications made these notifications between March 10 and May 4, when iOS 15 was not yet in the middle. One of the bugs was fixed with iOS 14.7, but the bug was not listed on Apple’s official vulnerability page. When he noticed this situation and mentioned it to Apple, he was informed that it was due to a mistake and that it would definitely be on the list of the next version. However, the bug was not included in the next list of vulnerabilities.
In addition to this fixed bug, this researcher with the user name illusionofchaos, who states that there are three more security flaws in iOS 15 that are still not fixed and that are also in iOS 15, states that these bugs, which Apple ignores, directly threaten the privacy of user information. According to him, Apple wants to cover up the security vulnerabilities in iOS with such moves.
One of the security vulnerabilities includes an issue where apps that have access to location information can also access Wi-Fi information, while another causes apps downloaded from the AppStore to access users’ Apple ID information and contacts. The third vulnerability causes applications installed on the device to be able to see other installed applications. All of these vulnerabilities are allegedly present in iOS 15 as well.
So why shouldn’t you get an iPhone 13?