Software bug dealer says it won't buy iOS exploits because there's so many

iPhone 6s startup screen
iPhone 6s startup screen (Image credit: iMore)

What you need to know

  • Zerodium is a bug broker of sorts.
  • But it doesn't want any more iOS exploits.
  • There's so many in the pipeline they don't need more.

A company that buys security exploits found by hackers and researchers has said that it no longer wants to have anything to do with new iOS discoveries. But not for the reasons you might expect. Instead, Zerodium says that there are just so many being worked on already that more simply aren't needed.

In a tweet yesterday, Zerodium said that it won't be buying new exploits relating to iOS, Safari, or the sandbox for at least the next couple of months. Maybe more.

See more

AppleInsider also notes that the company's founder believes that iOS security is "f--cked" but that it's possible iOS 14 will improve matters.

Only PAC and non-persistence are holding it from going to zero...but we're seeing many exploits bypassing PAC, and there are a few persistence exploits (0days) working with all iPhones/iPads. Let's hope iOS 14 will be better.

While a company like Zerodium not buying exploits sounds like a good thing, the reason is not. Apple's iOS is often thought to be more secure than the competiting Android and while that's true, it isn't impregnable. Apple continues to work to ensure iPhones and iPads are as secure as possible but people also work just as hard to make sure they find ways in.

It sounds like they are the ones that are winning.

Oliver Haslam

Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.

Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.

  • Those in glass houses hey! Android is full of security flaws, ios is secure. What a load of horseshit.
  • They're both full of security flaws, welcome to big corporation software. One thing is that iOS gets updated for longer than Android, so older iOS devices would be more secure when they get updates where the Android devices do not, but for modern devices they're more or less the same. If you really really want a secure phone, get yourself a phone with Sailfish OS on
  • please. stop apologizing for apple danny. I use iphone and I probably always will. But I don't think for one second they are the ******* be all end all like yourself. NO. IOS devices are no more secure than android, at any point in their existance. That ship has sailed LONG AGO. I think that died with Steve unfortunately. Tim's apple is a failure.
  • There was no apologies here, both Android and iOS have security flaws. Big corporation companies spend so much time putting features in for yearly releases that quantity rules over quality and you end up with bugs and security flaws.
  • I'd rather think the reason is the software becoming more and more complex while people developing the core and architects founding the core are gone, passed away. There is no way you can keep software quality the same while expanding on its features, no matter the pace. On the contrary, if you prolong development, the know-how will leave in a faster rate in the meantime. The only reason iOS was safe during Jobs times, is because iOS was a "phone, an mp3 player and an Internet Communicator, get it?" While the software is simple and you are not intending to be more than an mp3 player, you can keep quality hence security higher, and nobody will even care to attack your mp3 player. Times changed. Apple leading app availablity had driven consumers wanting more than being an mp3 player.