Apple Sending Special iPhones to First Participants in Security Research Device Program
Apple in July announced the launch of a new Apple Security Research Device Program, which is designed to provide researchers with specially-configured iPhones that are equipped with unique code execution and containment policies to support security research.
Apple is notifying the first researchers who will be receiving these special iPhones as of today, and the Cupertino company says that the devices will be sent out right away. Under the terms of the program, participating security researchers will be provided with iPhones that are on loan for one year, though it will be possible to extend the loan period.
The goal of the Security Research Device Program is to further improve the security of iOS, and Apple believes that the contributions of security researchers will assist the company in achieving its goal of increasing safety for consumers. Apple says that it values collaborating with independent researchers and appreciates the work they do on Apple platforms.
The iPhones Apple will provide are less locked down than consumer devices, which will make it easier for researchers to locate serious security vulnerabilities. These devices are as close as possible to production phones with the latest version of iOS and modern hardware. Researchers will not need to jailbreak the phones to do research, which will enable them to investigate platform security features, and they can run whatever tools they want to test the OS.
Program participants have access to extensive documentation and a dedicated forum with Apple engineers for collaborative purposes. The Security Research Device Program runs alongside the bug bounty program, so researchers who locate vulnerabilities can receive payouts of up to $1.5 million.
Related Stories
Last week, Apple announced the launch of its Find My network accessory program, allowing compatible third-party accessories to be tracked in the Find My app right alongside Apple devices. The first products that work with the Find My app will include the new Chipolo item tracker, new Belkin earbuds, and two electric bikes from VanMoof.
Given that VanMoof is based in the Netherlands, Dutch...
Ahead of the debut of AirTags and support for locating third-party Bluetooth items through Find My in iOS 14.5, a team of security researchers from the Secure Mobile Networking Lab at the Technical University of Darmstadt in Germany has reverse engineered the Find My protocol and developed an app that's designed to let anyone create an "AirTag" based on a Bluetooth-capable device.
Called...
Corellium, a mobile device company that supports iOS, this week won a significant victory in its legal battle against Apple. Apple last year sued Corellium for copyright infringement because the Corellium software is designed to replicate iOS to allow security researchers to locate bugs and security flaws.
According to The Washington Post, a Florida judge threw out Apple's claims that...
Facebook has announced that starting today, users on iOS and Android will have the ability to log into their account with a hardware security key, bringing a more than three-year-old feature for the desktop to mobile devices.
Since 2017, Facebook has allowed users to use a hardware security key to access their accounts on desktops. Mobile users, however, have remained limited to protecting ...
Starting with iOS 15 and iPadOS 15, which will be publicly released in the fall, security cameras and video doorbells that support HomeKit Secure Video can now detect and notify you when a package has been delivered.
HomeKit Secure Video, available on iOS 13.2 and later, leverages iCloud to securely stream and store video clips from compatible HomeKit-enabled indoor and outdoor cameras and...
Twitter will re-launch its long-awaited verification program next week, according to researcher Jane Manchum Wong.
Twitter verification has been a mainstay of the social media platform since 2009. A blue checkmark by a user's name indicates that they are verified, helping observers to distinguish genuine notable account holders, such as celebrities, politicians, or organizations, from...
Major carriers in the U.S. like Verizon, T-Mobile, and AT&T have made a change to how SMS messages are routed to put a stop to a security vulnerability that allowed hackers to reroute texts, reports Motherboard.
Carriers introduced the change after a Motherboard investigation last week revealed how easy it is for hackers to reroute text messages and use the stolen information to break into...
Apple is today launching a new Apple Security Research Device Program that's designed to provide security researchers with special iPhones that are dedicated to security research with unique code execution and containment policies.
Apple last year said it would be providing security researchers with access to "special" iPhones that would make it easier for them to find security...
Popular Stories
A bug in WebKit's implementation of a JavaScript API called IndexedDB can reveal your recent browsing history and even your identity, according to a blog post shared on Friday by browser fingerprinting service FingerprintJS.
In a nutshell, the bug allows any website that uses IndexedDB to access the names of IndexedDB databases generated by other websites during a user's browsing session....
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst.
Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
Apple today filed unreleased iPhone and iPad models in the Eurasian Economic Commission database, as spotted by French blog Consomac.
The filings likely represent the rumored third-generation iPhone SE, fifth-generation iPad Air, and potentially more. The unreleased iPhone models have the identifiers A2595, A2783, and A2784, while the unreleased iPad models have the identifiers A2588, A2589, ...
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December.
Apple does not offer details on what's included in new firmware updates for the AirPods, so we don't know what improvements or bug fixes the new firmware brings.
There is no standard way to upgrade the AirPods software, but firmware is...
Verizon and AT&T's upcoming rollout of new C-Band 5G technology could cause chaos and lead to widespread delays of passenger and cargo flights, major U.S. airlines said on Monday in a letter sent to the White House National Economic Council, the FAA, and the FCC (via Reuters).
"Unless our major hubs are cleared to fly, the vast majority of the traveling and shipping public will essentially...
Apple is planning to release a fourth-generation iPhone SE with a larger 5.7-inch display as early as 2023, according to display industry consultant Ross Young, who has proven to be a reliable source of information for future Apple products.
The fourth-generation iPhone SE has until now been rumored to launch in 2024, but Young now says a 2023 release is looking more likely....
A Tesla Model 3 owner has resorted to a workaround to implement Apple CarPlay in his vehicle, amid no sign of official support from Tesla (via Tesla North).
Apple CarPlay and Apple Music support are among the most-requested Tesla features, but with no indication that Tesla is willing to implement Apple CarPlay in its vehicles, Polish developer Michał Gapiński took matters into his own...
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara.
Citing reliables sources in China, the report claims that the new iPad Air could be...
Top Rated Comments
Generally I tend to trust public security researchers like this, since if they were interested in selling exploits to criminals... they wouldn't be public security researchers. They'd just do it quietly as a blackhat and not risk the exposure if someone they sell to gets caught or whatnot. Why make a big deal out of being a researcher then do something flagrantly illegal?
But even if you don't trust them, each one has to do the calculus: Other people have the same device I have. I find a bug that Apple is willing to pay $500,000 for and can get the payout for immediately, legally, no questions asked.
Or I can try to find some very wealthy criminal or state actor who is willing to pay $2,000,000 for it, launder the money, probably quit my job because people are probably going to ask questions if I flaunt it, and my buyer is going to have to be okay with the risk that one of the other researchers isn't going to find the same bug tomorrow.
All of which is to say that an illegal buyer is going to have to be either extremely rich or extremely confident that you're better than the other researchers working on the same problem to be willing to pay big for it, and you're going to be under a lot more scrutiny if you suddenly get rich.
See, Apple has protected the consumer and themselves, rippling into protecting privacy at large, by making sure that they don’t at all cost collect any sensitive or identifying information. I understand that one of the weakest links was iCloud but two factor authentication has increased security there... in other countries not having the information ready when asked could at best mean being displaced by a new puppet that would or even execution for treason at worst.
I come from Venezuela, in 2001 a petition was signed to let the president be let go, call it an impeachment of sorts... but that ended up in 20K+ workers getting axed from their positions, especially if linked to public sector or a private company with public sector contracts and ties, because the government basically used it as a trap to see who was on their side... I left a long time ago, but that happens often. From getting fired to kidnapped to never seen ever again.
Trust me when I say that no, the US is nowhere near close what happens in other countries, by far, I get the sentiment that it seems to steer in the wrong direction badly but it’s for sure on time for the proper corrections.