Ian Beer

Last updated March 16, 2021

Ian Beer is a British computer security expert and white hat hacker, currently residing in Switzerland and working for Google as part of its Project Zero.^[1] He has been lauded by some as one of the best iOS hackers.^[2] Beer was the first security expert to publish his findings under the "Project Zero" name in the spring of 2014;^[3] at this time, the project was not yet revealed and crediting the newly discovered vulnerabilities to it led to some speculation.^[1]

He is known for discovering a large number of security vulnerabilities in Apple products, including iOS,^[1] Safari ^[3] and macOS,^[4] as well as helping create jailbreaks for iOS versions.^[5]^[6] One such discovery forced Apple to rewrite significant parts of the macOS and iOS kernel.^[7] Beer is also a vocal critic of Apple concerning its bug bounty program for iOS announced in 2016.^[8]^[9] The invite only program has been accused of low payouts.^[8] Beer has also criticized the company for not disclosing to its users why updates that fix the bugs should be installed.^[10]

Related Research Articles

Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations.

iOS is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. It is the operating system that powers many of the company's mobile devices, including the iPhone and iPod Touch; the term also included the versions running on iPads until the name iPadOS was introduced with version 13 in 2019. It is the world's second-most widely installed mobile operating system, after Android. It is the basis for three other operating systems made by Apple: iPadOS, tvOS, and watchOS. It is proprietary software, although some parts of it are open source under the Apple Public Source License and other licenses.

The version history of the mobile operating system iOS, developed by Apple Inc., began with the release of iPhone OS 1 for the original iPhone on June 29, 2007. Since its initial release, it has been used as the operating system for iPhone, iPad, iPod Touch, and HomePod, seeing continuous development since then, resulting in new major releases of the software typically being announced at the annual Apple Worldwide Developers Conference and later released in September, coinciding with the release of new iPhone models. The latest stable version, iOS 14.4.1, was released on March 8, 2021. The latest beta version, iOS 14.5 beta 4, was released on March 15, 2021.

The Pwnie Awards recognize both excellence and incompetence in the field of information security. Winners are selected by a committee of security industry professionals from nominations collected from the information security community. The awards are presented yearly at the Black Hat Security Conference.

Jailbreaking refers to privilege escalation on an Apple device to remove software restrictions imposed by Apple on iOS, iPadOS, tvOS, watchOS, bridgeOS and audioOS operating systems. Typically it is done through a series of kernel patches. A jailbroken device permits root access within the operating system and provides the opportunity to install software not available through the iOS App Store. Different devices and versions are exploited with a variety of tools. Apple views jailbreaking as a violation of the End-user license agreement, and strongly cautions device owners from attempting to achieve root access through exploitation of vulnerabilities.

Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference. First held in April 2007 in Vancouver, the contest is now held twice a year, most recently in November 2019. Contestants are challenged to exploit widely used software and mobile devices with previously unknown vulnerabilities. Winners of the contest receive the device that they exploited and a cash prize. The Pwn2Own contest serves to demonstrate the vulnerability of devices and software in widespread use while also providing a checkpoint on the progress made in security since the previous year.

Jay Ryan Freeman is an American businessman and software engineer. He is known for creating the Cydia software application and related software for jailbroken iOS—a modified version of Apple's iOS that allows for the installation and customization of software outside of the regulation imposed by the App Store system.

JailbreakMe is a series of jailbreaks for Apple's iOS mobile operating system that take advantage of flaws in the Safari browser on the device, providing an immediate one-step jailbreak unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into a computer and running the jailbreaking software from the desktop. Jailbreaking allows users to install software that is not approved by Apple on their iPod Touch, iPhone, and iPad; JailbreakMe automatically includes Cydia, a package management interface that serves as an alternative to the App Store.

AirDrop is a proprietary ad-hoc service in Apple Inc.'s iOS and macOS operating systems, introduced in Mac OS X Lion and iOS 7, which can transfer files among supported Macintosh computers and iOS devices without using e-mail or a mass storage device.

iMessage is an instant messaging service developed by Apple Inc. and launched in 2011. iMessage functions exclusively on Apple platforms: macOS, iOS, iPadOS, and watchOS.

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

The Pangu Team, is a Chinese programming team in the iOS community that developed the Pangu jailbreaking tools. These are tools that assist users in bypassing device restrictions and enabling root access to the iOS operating system. This permits the user to install applications and customizations typically unavailable through the official iOS App Store.

Project Zero is a team of security analysts employed by Google tasked with finding zero-day vulnerabilities. It was announced on 15 July 2014.

iOS 9 is the ninth major release of the iOS mobile operating system developed by Apple Inc., being the successor to iOS 8. It was announced at the company's Worldwide Developers Conference on June 8, 2015, and was released on September 16, 2015. It was succeeded by iOS 10 on September 13, 2016.

Zerodium is an American information security company founded in 2015 based in Washington, D.C. and Europe. Its main business is developing and acquiring premium zero-day exploits from security researchers, and reporting the research, along with protective measures and security recommendations, to its government clients as part of the ZERODIUM Zero Day Research Feed.

Benjamin Kunz Mejri is a German IT security specialist and penetration tester. His areas of research include vulnerabilities in computer systems, bug bounties, the security of e-payment payment services and privacy protection. Mejri is known for uncovering new zero-day vulnerabilities and making them transparent to the public.

Pegasus is spyware that can be installed on devices running some versions of iOS, Apple's mobile operating system, as well on devices running Android. It was developed by the Israeli cyberarms firm NSO Group.

Ben Hawkes is a computer security expert and white hat hacker from New Zealand, currently employed by Google as manager of their Project Zero.

The iOS mobile operating system developed by Apple Inc. has had a wide range of bugs and security issues discovered throughout its lifespan, ranging from security exploits discovered in most versions of the operating system related to the practice of jailbreaking, as well as bypassing the user's lock screen, to issues relating to battery drain, to crash bugs encountered when sending photos or certain Unicode characters via text messages sent through the Messages application, and general bugs and security issues later fixed in newer versions of the operating system.

References

1 2 3 Greenberg, Andy (15 July 2014). "Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers". Wired.com . Retrieved 4 January 2015.
↑ Koebler, Jason; Franceschi-Bicchierai, Lorenzo (9 August 2018). "Google Hacker Asks Tim Cook to Donate $2.45 Million In Unpaid iPhone Bug Bounties". Motherboard. Retrieved 8 March 2019.
1 2 Schmidt, Jürgen (15 July 2014). "Google schickt Elite-Hacker auf die Jagd nach Sicherheitslücken". Heise Security (in German). Retrieved 19 March 2017.
↑ Donath, Andreas (26 October 2016). "Sicherheitslücken: macOS Sierra 10.12.1 unbedingt aufspielen - UBERGIZMO DE". de.ubergizmo.com (in German). Retrieved 19 March 2017.
↑ Popa, Bogdan. "First iPhone 7 Jailbreak (iOS 10.1.1) Now Available for Download". softpedia. Retrieved 19 March 2017.
↑ Becker, Leo (22 December 2016). "Yalu: Erster öffentlicher Jailbreak für iOS 10". Heise Security (in German). Retrieved 19 March 2017.
↑ Chirgwin, Richard (27 October 2016). "How Google's Project Zero made Apple refactor its kernel". The Register . Retrieved 19 March 2017.
1 2 Bradbury, Danny (5 March 2019). "Security Researcher Changes Mind over Apple Bug". Infosecurity Magazine. Retrieved 8 March 2019.
↑ Leswing, Kif. "An elite Google hacker is directly challenging Apple CEO Tim Cook to donate over $2 million to charity". Business Insider. Retrieved 8 March 2019.
↑ Tung, Liam (19 October 2018). "Google warns Apple: Missing bugs in your security bulletins are 'disincentive to patch'". ZDNet. Retrieved 8 March 2019.

This article on a computer specialist of the United Kingdom is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[wired-1] 1 2 3 Greenberg, Andy (15 July 2014). "Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers". Wired.com . Retrieved 4 January 2015.

[2] Koebler, Jason; Franceschi-Bicchierai, Lorenzo (9 August 2018). "Google Hacker Asks Tim Cook to Donate $2.45 Million In Unpaid iPhone Bug Bounties". Motherboard. Retrieved 8 March 2019.

[:0-3] 1 2 Schmidt, Jürgen (15 July 2014). "Google schickt Elite-Hacker auf die Jagd nach Sicherheitslücken". Heise Security (in German). Retrieved 19 March 2017.

[4] Donath, Andreas (26 October 2016). "Sicherheitslücken: macOS Sierra 10.12.1 unbedingt aufspielen - UBERGIZMO DE". de.ubergizmo.com (in German). Retrieved 19 March 2017.

[5] Popa, Bogdan. "First iPhone 7 Jailbreak (iOS 10.1.1) Now Available for Download". softpedia. Retrieved 19 March 2017.

[6] Becker, Leo (22 December 2016). "Yalu: Erster öffentlicher Jailbreak für iOS 10". Heise Security (in German). Retrieved 19 March 2017.

[7] Chirgwin, Richard (27 October 2016). "How Google's Project Zero made Apple refactor its kernel". The Register . Retrieved 19 March 2017.

[:1-8] 1 2 Bradbury, Danny (5 March 2019). "Security Researcher Changes Mind over Apple Bug". Infosecurity Magazine. Retrieved 8 March 2019.

[9] Leswing, Kif. "An elite Google hacker is directly challenging Apple CEO Tim Cook to donate over $2 million to charity". Business Insider. Retrieved 8 March 2019.

[10] Tung, Liam (19 October 2018). "Google warns Apple: Missing bugs in your security bulletins are 'disincentive to patch'". ZDNet. Retrieved 8 March 2019.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]