To detect security holes in the iOS ecosystem, for years, Apple has been using unique iPhones with a lower security status, and now the company wants to make these devices accessible to external security experts as a part of a new security program.
Apple has been ensuring the security of its iPhones for over ten years. This happens primarily because the manufacturer largely prohibits access to the software core. This process works quite well for the end-user but has always annoyed external security experts.
As part of this new “Apple Security Research Device Program,” the external security experts or bug hunters will receive features that were previously unavailable, including SSH access, as well as a root shell that makes commands executable at the system level.
In addition, this unique open iPhones, which Apple prefers to call the “Security Research Device” (SRD), should include debugging tools that simplify troubleshooting. Although, the devices available in limited numbers.
But the device is not available for every security researcher out there. Apple revealed that it would provide a select group of vetted, eligible security researchers with this special iPhones. So we can say only those members of the developer program who can look back on a successful career as a security vulnerability finder are eligible.
Interested researchers must submit an application to participate in the Security Research Device program, which will involve a review on Apple’s part and ultimately a decision about who gets in.
The SRD is not approved for everyday use. The devices may only be used by developers previously approved by Apple. In addition, the participants in the device program must undertake to report any security holes discovered directly to Apple. However, the rewards from the bug bounty program apply.