One of the most well-known members of the Pangu jailbreak team, a.k.a @Daniel_K4, has declared on his personal Weibo (popular Chinese micro-blogging site) yesterday night (3 Nov, 2015 for those who said this is something old) that they never considered taking the challenge to win the Zerodium $1 million bounty.
It may not be a perfect translate from Chrome below but what he meant in this short blog is that:
- The reason why Zerodium purchased the 0-day jailbreak is not for public use (it is reported that it will be sold to Corporate and Govenment)
- For this matter of fact, they would not consider taking the challenge as there is “no meaning”
What was being quoted by Daniel here is from one of the slides shared by @INT80, one of the members of the Pangu jailbreak team, on his personal Weibo that team presented in the Ruxcon Security Conference in Melbourne held in late October, they had put up several crucial points on why they should not be the one who could got and have got the money, for instance, the jailbreak tool that they developed is mainly for end users, which in my opinion could be the “meaning” mentioned by Daniel. Additionally, they emphasized that Mobile Safari exploits are risky to be used for security reasons.
This also concurs with the report that Zerodium says Pangu iOS 9 jailbreak does not qualify for the bounty due to its nature by default.
So what do you think about this bounty? Who do you think has got the $1 million prize? K33n team? Or even Apple? Let me know in the comments.