{"id":215815,"date":"2022-06-29T12:30:00","date_gmt":"2022-06-29T09:30:00","guid":{"rendered":"https:\/\/howtogeek.inform.com.de\/?p=215815"},"modified":"2022-04-08T01:48:20","modified_gmt":"2022-04-07T22:48:20","slug":"apple-paie-288-500-a-de-jeunes-pirates-pour-avoir-decouvert-55-vulnerabilites","status":"publish","type":"post","link":"https:\/\/howtogeek.inform.com.de\/fr\/apple-paie-288-500-a-de-jeunes-pirates-pour-avoir-decouvert-55-vulnerabilites\/","title":{"rendered":"Apple paie 288 500 $ \u00e0 de jeunes pirates pour avoir d\u00e9couvert 55 vuln\u00e9rabilit\u00e9s"},"content":{"rendered":"<p><a href=\"https:\/\/www.shutterstock.com\/image-photo\/eindhoven-netherlands-30-july-2019-crystal-1465754660\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Robert Coolen\/Shutterstock<\/a><\/p>\n<p>Une faille de s\u00e9curit\u00e9 massive peut arriver \u00e0 n&rsquo;importe quelle entreprise \u00e0 tout moment. C&rsquo;est pourquoi les pirates informatiques passent leurs journ\u00e9es \u00e0 fouiner et \u00e0 fouiller les r\u00e9seaux, \u00e0 la recherche de toutes les vuln\u00e9rabilit\u00e9s qui pourraient mettre en danger les donn\u00e9es priv\u00e9es des clients. Mais c&rsquo;est bizarre d&rsquo;entendre parler d&rsquo;un groupe chapeau blanc signalant 55 vuln\u00e9rabilit\u00e9s \u00e0 une entreprise, surtout lorsque l&rsquo;entreprise en question est Apple.<\/p>\n<p>Comme le rapporte <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/10\/white-hat-hackers-who-had-control-of-internal-apple-network-get-288000-reward\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Ars Technica<\/a>, un <a href=\"https:\/\/samcurry.net\/hacking-apple\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">groupe de pirates<\/a> dirig\u00e9 par <a href=\"https:\/\/twitter.com\/samwcyo\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Sam Curry<\/a>, 20 ans, a d\u00e9couvert 55 vuln\u00e9rabilit\u00e9s dans l&rsquo;infrastructure d&rsquo;Apple. Sur ces 55 bugs, 11 \u00e9taient &quot;critiques&quot;, ce qui signifie que Curry et son \u00e9quipe pouvaient les utiliser pour collecter des informations priv\u00e9es, des e-mails et des donn\u00e9es iCloud.<\/p>\n<p>Apple a trait\u00e9 pr\u00e8s de la moiti\u00e9 des vuln\u00e9rabilit\u00e9s signal\u00e9es par Curry, et s&rsquo;engage \u00e0 payer au moins 288 500 $ pour la d\u00e9couverte de ces bogues. Pourtant, Curry pr\u00e9dit qu&rsquo;Apple pourrait payer quelque chose \u00e0 hauteur de 500 000 $ une fois qu&rsquo;il aura r\u00e9solu tous les bogues. Franchement, c&rsquo;est un petit prix pour \u00e9viter une violation massive des donn\u00e9es.<\/p>\n<p>Parmi les autres chercheurs travaillant avec Curry figurent <a href=\"https:\/\/twitter.com\/bbuerhaus\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Brett Buerhaus<\/a>, <a href=\"https:\/\/twitter.com\/nahamsec\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Ben Sadeghipour<\/a>, <a href=\"https:\/\/twitter.com\/erbbysam\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Samuel Erb<\/a> et <a href=\"https:\/\/twitter.com\/_StaticFlow_\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Tanner Barnes<\/a>. Le groupe a pirat\u00e9 Apple pendant trois mois dans le cadre du <a href=\"https:\/\/developer.apple.com\/security-bounty\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">programme Apple Bug Bounty<\/a> et a r\u00e9dig\u00e9 <a href=\"https:\/\/samcurry.net\/hacking-apple\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">un rapport<\/a> d\u00e9taill\u00e9 d\u00e9taillant la mani\u00e8re dont les vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes. C&rsquo;est une bonne lecture, m\u00eame si c&rsquo;est assez long !<\/p>\n<p>Source: <a href=\"https:\/\/samcurry.net\/hacking-apple\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Sam Curry<\/a> via <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/10\/white-hat-hackers-who-had-control-of-internal-apple-network-get-288000-reward\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Ars Technica<\/a><\/p>\n<p><div id=\"PostUnique_PostSource\" style=\"padding-top: 50px\">Source d&rsquo;enregistrement:  <a target=\"_blank\" rel=\"noopener nofollow\" href=\"\/\/www.reviewgeek.com\" class=\"external external_icon\">www.reviewgeek.com<\/a><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Une faille de s\u00e9curit\u00e9 massive peut arriver \u00e0 n&rsquo;importe quelle entreprise \u00e0 tout moment. C&rsquo;est pourquoi les pirates informatiques passent leurs journ\u00e9es \u00e0 fouiner et \u00e0 fouiller les r\u00e9seaux, \u00e0 la recherche de toutes les vuln\u00e9rabilit\u00e9s qui pourraient mettre en danger les donn\u00e9es priv\u00e9es des clients. Mais c&rsquo;est bizarre d&rsquo;entendre parler d&rsquo;un groupe chapeau blanc signalant 55 vuln\u00e9rabilit\u00e9s \u00e0 une entreprise, surtout lorsque l&rsquo;entreprise en question est Apple.<\/p>\n","protected":false},"author":1,"featured_media":179628,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[],"tags":[],"class_list":["post-215815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/posts\/215815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/comments?post=215815"}],"version-history":[{"count":0,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/posts\/215815\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/media\/179628"}],"wp:attachment":[{"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/media?parent=215815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/categories?post=215815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/howtogeek.inform.com.de\/fr\/wp-json\/wp\/v2\/tags?post=215815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}