Apple Invites Researchers to Apply for Special iPhone Designed for Finding Vulnerabilities

Apple today announced that it is accepting applications for its 2024 iPhone Security Research Device Program, allowing security researchers to get specialized Apple devices that make it easier to find critical iOS vulnerabilities.

apple security research program
The ‌iPhone‌ Security Research Device Program (SRDP) has been around since 2019, and researchers have used it to locate 130 high-impact security vulnerabilities. Apple says that researchers have helped it to implement "novel mitigations" for protecting iOS devices.

Over the course of the last six months, program participants have received 37 CVE credits for their findings, and have contributed to improvements for the XNU kernel, kernel extensions, and XPC services.

Researchers who participate in the SRDP are eligible for Apple Security Bounty payouts. Apple has rewarded more than 100 reports from SRDP researches, and says that "multiple awards" have reached $500,000 with a median award of close to $18,000.

The iPhone 14 Pro research devices that Apple provides to participants feature special hardware and software designed for security research. Researchers are able to configure or disable the iOS security protections to manipulate them in ways not possible with a standard ‌iPhone‌.

SRDs are available to security researchers who have a track record in security research both on the ‌iPhone‌ and other platforms, plus Apple is making devices available to university educators who want to use it as a teaching tool for computer science students.

Apple selects a limited number of participants each year to receive a research device, and applications are open until October 31, 2023. Selected participants will be notified in early 2024.

Popular Stories

Generic iOS 18 Feature Real Mock

iOS 18 Available Now With These 8 New Features For Your iPhone

Sunday September 15, 2024 10:09 am PDT by
Following over three months of beta testing, iOS 18 was finally widely released to the public on Monday, September 16. The update is available in the Settings app under General → Software Update on the iPhone XS and newer. Below, we have highlighted eight key new features included in iOS 18, and Apple shared a complete list of new features and changes last week. Note that Apple...
iOS 18 Public Beta Thumb 1

Here's When iOS 18 Rolls Out Today in Every Time Zone

Monday September 16, 2024 3:56 am PDT by
It's that time of year again. Apple is about to release iOS 18, which promises to bring a range of new features and improvements to iPhones worldwide. It's Apple's biggest software update of the year, and the company is expected to release it sometime today – Monday, September 16. Based on past releases, the update is likely to drop at around 10:00 a.m. Pacific Time/1:00 p.m. Eastern...
iOS 18 Apple Account Name Feature 2

RIP, Apple ID

Tuesday September 17, 2024 3:18 pm PDT by
The "Apple ID" era is officially over. The transition from "Apple ID" to "Apple Account" went from a rumor to an official announcement to something that has now been fully completed. As of this week, the account.apple.com website is fully updated with Apple Account branding. "Apple ID is now Apple Account," the page says. "You can still sign in with the same email address or phone...
M4 Mac mini Black Ortho Cooler

Apple Leaks New Mac Mini With 5 USB-C Ports

Monday September 16, 2024 11:40 am PDT by
Apple has seemingly leaked the rumored next-generation Mac mini with five USB-C ports, according to a code change within Apple software that was discovered today by MacRumors contributor Aaron Perris. The code refers to an unreleased Mac mini model with an Apple silicon chip and five ports, which lines up with a previous report from Bloomberg's Mark Gurman that said the next Mac mini will be ...
apple silicon mac lineup wwdc 2022 feature purple

M4 Macs, New iPad Mini, and iPad 11 Expected at Upcoming Apple Event

Sunday September 15, 2024 5:29 am PDT by
Apple will likely hold another event in October this year to announce new Macs and iPads. If so, it would be the fourth time in the last five years that Apple has held an event in October. Last year, Apple held a virtual event on Monday, October 30 to announce new MacBook Pro and iMac models with the M3 series of chips. In his Power On newsletter today, Bloomberg's Mark Gurman reiterated...
16 pro

iPhone 16 Pro Demand Has Been Lower Than Expected, Analyst Says

Sunday September 15, 2024 3:58 pm PDT by
Apple analyst Ming-Chi Kuo today said demand for the iPhone 16 Pro and iPhone 16 Pro Max has been "lower than expected" since the devices became available to pre-order in the U.S. and dozens of other countries on Friday. Kuo said his data is based on a "supply chain survey" and shipping estimates listed on Apple's online store. Kuo estimated that sales of all four iPhone 16 models reached...

Top Rated Comments

3530025 Avatar
14 months ago
Very nice! Hopefully this is going to make iOS even more secure!
Score: 10 Votes (Like | Disagree)
Spaceboi Scaphandre Avatar
14 months ago
Mmm I love a good terminal.

Wish I could get my hands on this iPhone. The fun things I could do with an iPhone that had root access just has me salivating.

Alas, I'll just have to wait until Apple's forced to enable sideloading next year.
Score: 10 Votes (Like | Disagree)
3530025 Avatar
14 months ago

Alas, I'll just have to wait until Apple's forced to enable sideloading next year.
This! Sideloading will get iPhone to another level.

And the best thing is - it is optional. You don't have to sideload anything if you don't want to!
Score: 10 Votes (Like | Disagree)
MrENGLISH Avatar
14 months ago

I can only show you the door. You're the one who has to walk through it.
Score: 9 Votes (Like | Disagree)
now i see it Avatar
14 months ago
and of course, one of these phones doesn’t end up in the hands of a nation-state hacker. Of course not.
Score: 8 Votes (Like | Disagree)
3530025 Avatar
14 months ago

You say you don’t understand the argument. And you don’t understand the difference.

I’m going to try to explain…

Tech enthusiasts can already get pretty much whatever they need onto their iPhones.

But tech novices (a HUUUUGE portion of iOS users) cannot.

After sideloading is built-in it becomes MUCH easier to do it. For everybody.

A few years after sideloading everybody is going to have a way to save 30% if you follow the three steps on their site to sideload their app instead of getting it through the AppStore. Netlix/Disney+, Epic Games, whatever the latest fad AI app or messaging plugin or whatever, they’ll all have a strong incentive for themselves and their customers to do it.

And plenty will sideload. It will become part of using an iPhone.

This isn’t a HUGE problem for those trusted developers. But it’s the normalized behaviour that opens the door for tons more malware installs.

Grandpa Jim has sideloaded his MLB app before to save $30, I guess he has to do it again to get the MLB playoffs update. Only it’s malware disguised as from MLB.

These tech novices don’t install apps on their macs (if they even have PCs), they certainly don’t install Mac apps from outside the AppStore.

A HUGE portion of the iPhone user base (at least 90%) are nowhere near as tech savvy as you or me, and probably at least half of them are Grampa Jims.

TL;DR: Having effectively no way for Grampa Jim to get himself in trouble with malware means the iPhone is safe for that hundred million people who know nothing about tech. Opening up sideloading for us nerds (who don’t actually NEED it to sideload), means you make the iPhone MASSIVELY less safe for the 100M Grampa Jims.
Well your whole post is not based on facts but on massive assumptions.


* You automatically assume it will be much easier to sideload. Yet you don't have any factual data to this. It may be behind multiple warnings and settings and you may require to do some stuff (i.e. allow it manually via computer) in order to allow this. There's no exact specification out yet, so we don't know how exactly will sideload work.
* You assume plenty will sideload. This just does not have any factual basis. Many Apple users trust the ecosystem and Apple claims about security of App Store. We really don't know how widespread will sideload be. It may be minority thing.
* You assume grandpa Jim sideload just to save $30. Where would grandpa Jim get this app? Is he browsing torrents or warez sites? Really? Does he really want to go beyond Apple ecosystem and convenience just to save $30 when he bought 1000 USD phone already?
* You assume there will be no security measure in place when installing potential malware to your device. There easily may be.
* You forget about sandbox. iPhone has sandbox built in. No app is able to access other app's data or features that you did not allow permissions to.


So I disagree with you, because it's just your assumptions and your opinions without any factual base at this point. You may be right, but you may be totally wrong too.
Score: 6 Votes (Like | Disagree)