
Apple is paying a record $100,500 to a student who discovered a Mac webcam hack

by Jigyasa Prashar
January 26, 2022
in News, Tech, Trending

A cybersecurity student demonstrated how a hack of Apple’s Mac cameras could leave devices completely open to attackers, earning him $100,500 from the company’s bug bounty program.


Ryan Pickren, who previously uncovered a camera weakness in the iPhone and Mac, has received what is thought to be Apple’s largest bug bounty payout. According to Pickren, the new webcam vulnerability was related to a series of Safari and iCloud issues that Apple has since resolved. Before they were corrected, a rogue website could have used these issues to conduct an attack.

Pickren outlines in detail how the exploit would grant the attacker full access to all web-based accounts, including iCloud and PayPal, as well as the ability to use the microphone, camera, and screensharing. However, if the camera is used, the camera’s standard green light will turn on.

According to Pickren, the same hack would allow an attacker to get complete access to a device’s whole filesystem. It would do so by making use of Safari’s “webarchive” files, which are used to keep local copies of websites in the browser.

Pickren notes, “A shocking characteristic of these files is that they identify the web origin in which the material should be presented.” “While this is a fantastic method for allowing Safari to reconstruct the context of a stored page, as the Metasploit writers pointed out in 2013, if an attacker can edit this file in any way, they can practically achieve UXSS [universal cross-site scripting] by design.”

A user must first download and then open a webarchive file. According to Pickren, this meant that when Apple first implemented Safari’s webarchive, it did not consider this a realistic hack scenario. “To be fair, this decision was made nearly a decade ago, when the browser security paradigm wasn’t nearly as advanced as it is now,” Pickren explains.
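A defender's view of the property described above, as an added example that is not from Pickren's write-up or the original article: a webarchive is a property list whose main resource carries the URL it claims to come from, so a downloaded archive can be triaged by reading that declared origin before the file is ever opened. The key names follow WebKit's archive format; the sample archive, the `example.com` host and the function names are constructed for illustration.

```python
import plistlib
import re
from urllib.parse import urlsplit

# Crude markers of active content in the saved HTML (triage, not a full parser).
ACTIVE_RE = re.compile(rb"<script\b|\son\w+\s*=|javascript:", re.IGNORECASE)

def inspect_webarchive(blob: bytes) -> dict:
    """Read the origin a webarchive declares for itself, without rendering it."""
    try:
        archive = plistlib.loads(blob)
    except Exception as exc:
        raise ValueError("not a property list") from exc
    main = archive.get("WebMainResource") if isinstance(archive, dict) else None
    if not isinstance(main, dict):
        raise ValueError("no WebMainResource entry")
    parts = urlsplit(str(main.get("WebResourceURL", "")))
    data = main.get("WebResourceData", b"")
    if isinstance(data, str):          # malformed archives may store text
        data = data.encode("utf-8", "replace")
    return {
        "declared_origin": f"{parts.scheme}://{parts.netloc}",
        "host": parts.hostname or "",
        "mime": main.get("WebResourceMIMEType", ""),
        "has_active_content": bool(ACTIVE_RE.search(data)),
        "subresources": len(archive.get("WebSubresources", [])),
    }

def triage(blob: bytes, sensitive_hosts: list[str]) -> dict:
    """Flag archives that claim a sensitive origin and also carry script."""
    report = inspect_webarchive(blob)
    host = report["host"]
    report["sensitive_origin"] = any(
        host == h or host.endswith("." + h) for h in sensitive_hosts)
    report["quarantine"] = report["sensitive_origin"] and report["has_active_content"]
    return report

def make_sample(html: bytes) -> bytes:
    """Constructed sample archive; the URL is a placeholder, not a real target."""
    return plistlib.dumps({
        "WebMainResource": {
            "WebResourceURL": "https://accounts.example.com/saved-page",
            "WebResourceMIMEType": "text/html",
            "WebResourceTextEncodingName": "UTF-8",
            "WebResourceData": html,
        },
        "WebSubresources": [],
    }, fmt=plistlib.FMT_BINARY)

if __name__ == "__main__":
    print(triage(make_sample(b"<html><script>/* placeholder */</script></html>"),
                 ["example.com"]))
```

The declared origin comes from the file itself, which is why the report treats it as a claim to be checked against where the file was actually downloaded from.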

He said, “Prior to Safari 13, no warnings were ever presented to the user before a website downloaded arbitrary files.” “It was therefore simple to place the webarchive file.”

Apple hasn’t commented on the flaw, and it’s unclear whether it’s been actively abused. Pickren, on the other hand, was paid $100,500 from Apple’s bug bounty program, which is $500 more than previously reported payouts.

The corporation publishes a list of maximum sums for each category of security issue reported, and the bug bounty program can officially reward up to $1 million. Security experts are under no obligation to reveal publicly how much they have been paid.

As a result, it’s possible that Apple has paid out more than $100,500 to Pickren. However, the corporation has been chastised in the past for paying less than its stated maximums and being reluctant to fix reported faults.
