Apple launches Security Research Device programme to help researchers find vulnerabilities in iPhones | HT Tech

Apple launches Security Research Device programme to help researchers find vulnerabilities in iPhones

For the first time, Apple has given such deep access to its operating system. Here is everything you need to know about Apple’s new Security Research Device programme.

By: HT TECH
| Updated on: Jul 23 2020, 11:28 IST
Apple is offering an iPhone dedicated exclusively to security research, with unique code execution and containment policies.
Apple is offering an iPhone dedicated exclusively to security research, with unique code execution and containment policies. (Picjumbo)

Apple has launched a new programme under which it is offering special research iPhones to security researchers. These units with deep access are aimed at helping researchers find and report security vulnerabilities.

These research iPhones feature a customised iOS operating system that is not available on commercial units. Researchers are granted access to SSH and root shell. The access is aimed at helping them run debugging tools and other codes to decode the operating system.

You may be interested in

MobilesTablets Laptops
4% OFF
Apple iPhone 15 Pro Max 1TB
  • Black Titanium
  • 8 GB RAM
  • 1 TB Storage
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
9% OFF
Apple iPhone 15 256GB
  • Black
  • 6 GB RAM
  • 256 GB Storage
9% OFF
Apple iPhone 15 Plus 256GB
  • Black
  • 6 GB RAM
  • 256 GB Storage

As TechCrunch notes, this is the first time Apple has given such deep access to outsiders. So far, researchers have relied on workarounds such as jailbreaking to access the internals.

Also read
Looking for a smartphone? To check mobile finder click here.

Apple on its website says the Security Research Device (SRD) will be given to eligible researchers on a 12-month renewable basis contract. These devices are not meant for daily usage and should always be kept within the premises of participants.

ALSO READ: Apple dials privacy at its annual developer conference

Another clause says that researchers or users of SRDs will need to report a vulnerability to Apple. Until a certain publication date (usually the date which Apple rolls out the fix for a bug), users cannot discuss the vulnerability with anyone else.

ALSO READ: Apple rejects 16 new Web APIs over privacy concerns

To be eligible for Apple's new SRD programme, you need to be a membership Account Holder in the Apple Developer Program. You need to have “a proven track record of success in finding security issues on Apple platforms, or other modern operating systems and platforms,” says Apple.

The new initiative is in addition to Apple's existing bug bounty programme which focuses on vulnerabilities in publicly available versions of iOS, iPad, macOS, tvOS, or watchOS.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 23 Jul, 11:28 IST
Tags:
NEXT ARTICLE BEGINS