Apple Sending Special iPhones to First Participants in Security Research Device Program
Apple in July announced the launch of a new Apple Security Research Device Program, which is designed to provide researchers with specially-configured iPhones that are equipped with unique code execution and containment policies to support security research.
Apple is notifying the first researchers who will be receiving these special iPhones as of today, and the Cupertino company says that the devices will be sent out right away. Under the terms of the program, participating security researchers will be provided with iPhones that are on loan for one year, though it will be possible to extend the loan period.
The goal of the Security Research Device Program is to further improve the security of iOS, and Apple believes that the contributions of security researchers will assist the company in achieving its goal of increasing safety for consumers. Apple says that it values collaborating with independent researchers and appreciates the work they do on Apple platforms.
The iPhones Apple will provide are less locked down than consumer devices, which will make it easier for researchers to locate serious security vulnerabilities. These devices are as close as possible to production phones with the latest version of iOS and modern hardware. Researchers will not need to jailbreak the phones to do research, which will enable them to investigate platform security features, and they can run whatever tools they want to test the OS.
Program participants have access to extensive documentation and a dedicated forum with Apple engineers for collaborative purposes. The Security Research Device Program runs alongside the bug bounty program, so researchers who locate vulnerabilities can receive payouts of up to $1.5 million.
Popular Stories
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, GameCube, Wii,...
A decade ago, developer Riley Testut released the GBA4iOS emulator for iOS, and since it was against the rules at the time, Apple put a stop to downloads. Emulators have been a violation of the App Store rules for years, but that changed on April 5 when Apple suddenly reversed course and said that it was allowing retro game emulators on the App Store. Subscribe to the MacRumors YouTube channel ...
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Top Rated Comments
Generally I tend to trust public security researchers like this, since if they were interested in selling exploits to criminals... they wouldn't be public security researchers. They'd just do it quietly as a blackhat and not risk the exposure if someone they sell to gets caught or whatnot. Why make a big deal out of being a researcher then do something flagrantly illegal?
But even if you don't trust them, each one has to do the calculus: Other people have the same device I have. I find a bug that Apple is willing to pay $500,000 for and can get the payout for immediately, legally, no questions asked.
Or I can try to find some very wealthy criminal or state actor who is willing to pay $2,000,000 for it, launder the money, probably quit my job because people are probably going to ask questions if I flaunt it, and my buyer is going to have to be okay with the risk that one of the other researchers isn't going to find the same bug tomorrow.
All of which is to say that an illegal buyer is going to have to be either extremely rich or extremely confident that you're better than the other researchers working on the same problem to be willing to pay big for it, and you're going to be under a lot more scrutiny if you suddenly get rich.
See, Apple has protected the consumer and themselves, rippling into protecting privacy at large, by making sure that they don’t at all cost collect any sensitive or identifying information. I understand that one of the weakest links was iCloud but two factor authentication has increased security there... in other countries not having the information ready when asked could at best mean being displaced by a new puppet that would or even execution for treason at worst.
I come from Venezuela, in 2001 a petition was signed to let the president be let go, call it an impeachment of sorts... but that ended up in 20K+ workers getting axed from their positions, especially if linked to public sector or a private company with public sector contracts and ties, because the government basically used it as a trap to see who was on their side... I left a long time ago, but that happens often. From getting fired to kidnapped to never seen ever again.
Trust me when I say that no, the US is nowhere near close what happens in other countries, by far, I get the sentiment that it seems to steer in the wrong direction badly but it’s for sure on time for the proper corrections.