iPhone漏洞價值比Android漏洞還不值錢 - 手機討論

https://tinyurl.com/y67o48xk

Android exploits has overtaken iOS with leading exploit broker Zerodium for
the first time since it was founded. In fact, such is the “flood” of
exploits now targeting iOS, that the broker is turning some away.

Android 漏洞價值現在超越了iOS。因為iOS 漏洞太多了，過量的供給導致仲介
還拒絕了一些漏洞

A full-chain (0-click, no user intervention) Android exploit now tops the
payments menu at $2.5 million, while the same type of iOS attack software
pays just $1 million, down from $1.5 million. Zerodium explains that “the
amounts paid to researchers to acquire original zero-day exploits depend on
the popularity and security level of the affected software/system, as well as
the quality of the submitted exploit.”

完整的（不需要使用者操作的）Android漏洞現在值超過250萬美元，而同樣的攻擊在iOS
上已經降到了100萬美元（原本150萬美元）


According to a Zerodium statement, “during the last few months, we have
observed an increase in the number of iOS exploits being developed and sold
by researchers from all around the world. The zero-day market is so flooded
by these iOS exploits that we've recently started refusing some them.”

在過去幾個月，我們觀察到大量的iOS侵入方式被開發了而且被世界各地的研究人員拍
賣。市場上充滿著各式各樣的iOS侵入法，所以我們甚至必須要拒絕一些漏洞。

And as with all other kinds of markets, pricing analysis uncovers significant
trends that are impacting the market in real-time. Despite the news flow of
the last week, this is a surprise as far as Apple is concerned with the
impression having landed with many of its users that it significantly safer
and more locked down that Android.

這對蘋果來說是一種驚奇，因為蘋果向來認為比Android 安全很多



心得：

當iOS漏洞沒那麼值錢的時候大家就沒興趣找了啦～

--