It's hard to find an up to date price list, but the relative difficulty of breaking into these bits of software hasn't changed much:
Edit: More up to date prices are here:
My toaster is more secure.
Or maybe they wanted you to assume they meant within its product class.
Part of the requirements for joining apples program is probably to agree not to disclose vulnerabilities at all once discovered.
It makes sense when you think about it. Google pays Ian a salary to find bugs and treat them the way project zero wants. If Ian went to Apple, they would pay him a reward to treat the bugs the way they want. Trying to claim both is double-dipping.