Security News > 2020 > July > Apple Offers Hackable iPhones to Security Researchers
Apple this week kicked off another initiative meant to improve the security of iPhones, by offering hackable phones to security researchers.
Specifically designed for security researchers, these devices feature unique code execution and containment policies and are offered as part of the company's Security Research Device program, which was initially announced in December last year.
Security researchers looking to identify iOS vulnerabilities on SRD iPhones will enjoy shell access and the possibility to run the tools they want.
Apple encourages researchers to report security bugs even if they were not discovered with the use of an SRD. All vulnerabilities found on these iPhones are considered eligible for monetary rewards as part of the Apple Security Bounty program, which has been accessible to the public for a while.
While Apple claims to have launched the program to attract security researchers interested in identifying holes in its platform, some of the restrictions will keep proven bug hunters away from SRD. Google's Project Zero researchers won't be able to participate, as they tend to publish vulnerability details 90 days after disclosure, regardless of whether a patch has been released or not.
News URL
Related news
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Fraudsters imprisoned for scamming Apple out of 6,000 iPhones (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- WeChat devs introduced security flaws when they modded TLS, say researchers (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple creates Private Cloud Compute VM to let researchers find bugs (source)
- Germany drafts law to protect researchers who find security flaws (source)