Apple to Give Security Researchers 'Special' iPhones for Bug Testing, macOS Bug Bounty Program Coming

by

Apple is planning to give security researchers access to special iPhones that will make it easier for them to find security vulnerabilities and weaknesses, reports Forbes, citing sources with knowledge of Apple's plans.

Apple is going to announce the new program at the Black Hat security conference in Las Vegas, which kicked off earlier this week and is continuing until Thursday.

iphonexrcolors1
The "special" iPhones will be similar to "dev devices," aka iPhones that are not as locked down and that will better allow security researchers to locate bugs.

What makes these iPhones special? One source with knowledge of the Apple announcement said they would essentially be "dev devices." Think of them as iPhones that allow the user to do a lot more than they could on a traditionally locked-down iPhone. For instance, it should be possible to probe pieces of the Apple operating system that aren't easily accessible on a commercial iPhone. In particular, the special devices could allow hackers to stop the processor and inspect memory for vulnerabilities. This would allow them to see what happens at the code level when they attempt an attack on iOS code.

The iPhones won't be identical to the developer iPhones that are provided to Apple's internal staff, as they won't be as open. They are described as "lite" versions of the developer devices by Forbes, with security researchers unlikely to be able to decrypt the iPhone's firmware.

‌iPhone‌ prototypes created for Apple's internal staff are popular with security researchers and hackers and can fetch quite a lot of money, as noted in a report earlier this year from Motherboard. Described as "pre-jailbroken devices," the iPhones are valuable because they can be used to find vulnerabilities both by those who have good intentions and those who have bad intentions.

Releasing a similar device to security researchers who participate in the bug bounty program will perhaps allow Apple to better locate serious bugs, leading to faster fixes.

Apple is also planning to announce a new macOS bounty program, which will provide rewards to people who find and report security vulnerabilities in macOS.

Apple's announcements could perhaps come on Thursday, which is when Ivan Krstić, Apple's head of security engineering, is set to offer a "Behind the Scenes" look at iOS and macOS.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article81 comments
iPhone 17 Plus Feature Purple

iPhone 17 Rumored to Feature Mechanical Aperture

Tuesday July 23, 2024 9:32 am PDT by
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Read Full Article60 comments

Top Rated Comments

SRLMJ23 Avatar
SRLMJ23
65 months ago
About damn time Apple offered a bug bounty program for macOS!

:apple:
Score: 13 Votes (Like | Disagree)
Quu Avatar
Quu
65 months ago
This is really great news. They are serious about our security and it shows.
Score: 6 Votes (Like | Disagree)
szw-mapple fan Avatar
szw-mapple fan
65 months ago
I am now a researcher. Where is my phone? lol
If you're the kind of researcher Apple would send a phone to, the cost of an iPhone would be peanuts to you :p
Score: 3 Votes (Like | Disagree)
jzuena Avatar
jzuena
65 months ago
I was planning on going to Ivan Krstic's "Behind The Scenes of iOS and Mac Security" Thursday at 12:10 anyway. We'll see if they make the announcement then.
Score: 2 Votes (Like | Disagree)
MrTemple Avatar
MrTemple
65 months ago
Producing vulnerable phones? Will they ever stop copying Android?
Score: 2 Votes (Like | Disagree)
Shirasaki Avatar
Shirasaki
65 months ago
Producing vulnerable phones? Will they ever stop copying Android?
I am amazed that even in 2019, this “android copy iOS” “iOS copy android” narrative is still around. Are we still in 2012?
About damn time Apple offered a bug bounty program for macOS!

:apple:
Yeah, especially macOS is a such “unpatched” operating system, security wise.
So they’re basically giving out jail broken iPhones? Wonder how much those will end up going for on the black market afterwards...
Nope. This is less locked down but not “jailbroken iPhone”. I guess these iPhones are registered and can download special iOS version OTA or something.
Internal testing iPhone, however, will still be quite popular in black market.
Score: 2 Votes (Like | Disagree)
Read All Comments