Agencies-Gaza post
Financial reward from Apple for Algerian hacker who discovered two serious vulnerabilities in the operating system
The American company Apple celebrated an Algerian youth who exposed one of the dangerous vulnerabilities in its security system, and included his name twice on its honor list, which it publishes on its website.
Apple said via its technical support website – “Apple publishes this list in appreciation and thanks to those who have reported potential security problems in our web servers.
The company publishes the discovered vulnerabilities every 3 months after the problem is identified and addressed” and followed it with the names of the people who reported the vulnerabilities who Among them was Abdel Qader Moez.
Describing the achievement, Moez wrote, “Praise be to God, by whose grace good deeds are accomplished, I achieved today one of the best achievements during my career, which I will be proud of because I was able to do it twice.”
Bloggers and tweeters on social media platforms praised what Moez did and called on the Algerian authorities to pay more attention to his talent and nurture it in order to benefit from it in the future.
Abdel Qader had published a blog last month in which he said that he was able to prove that the loophole was real and had an impact, and Apple agreed to it and gave him a financial reward.
The Algerian hacker identified the type of vulnerabilities he discovered, which are cross-site scripting, or as it is known for short as “xss”.
This type of attack works on computer systems, and we find it especially in Internet applications through the so-called injection programming, in which some hackers resort to inserting some code for the pages viewed by others.
They try to tamper with some of the main principles in the system such as access control, or try to seize sensitive and important information.
Moez clarified the two vulnerabilities used the same technology, but the second and most dangerous vulnerability included the administrator’s account and not the account of an ordinary user, which allowed him to access sensitive information about some users.
Moez added at his Facebook page that it seems that these loopholes were on Apple sites and not specific to phones or other devices belonging to the American company.
