- Secure boot firmware: $200,000
- Extraction of confidential material protected by the Secure Enclave Processor: $100,000
- Execution of arbitrary code with kernel privileges: $50,000
- Unauthorized access to iCloud account data on Apple Servers: $50,000
- Access from a sandboxed process to user data outside of that sandbox: $25,000
Motherboard's report explains that Apple is not paying nearly enough, as researchers can get considerably more for the same bugs from third parties. Reporting a bug also works against the researcher: once Apple patches it, the access that bug provided for further research is gone. Nikias Bassen, a security researcher at Zimperium who joined Apple's program last year, said:
People can get more cash if they sell their bugs to others. If you're just doing it for the money, you're not going to give to Apple directly.
The gap is substantial. Motherboard says that in the current gray market, companies such as Zerodium buy exploits from researchers and sell them to their own customers, offering $1.5 million for a method "comprised of multiple bugs that can jailbreak the iPhone." Another company offers $500,000 for similar exploits.
The report also notes how much effort Apple has put into its bug bounty program, such as flying prominent researchers to Cupertino for closed-door meetings, only for the program to falter.
Apple pitched the researchers on collaborating with the company by joining the bug bounty program. Apple security employees gave presentations, took the researchers out to dinner, and gave them a chance to chat and discuss their work. Even Craig Federighi, Apple's senior vice president of software engineering, made a surprise appearance to meet and greet the researchers, according to two sources who attended.