What you need to know
- Apple has started giving special iPhones to bug hunters.
- The iPhones are designed to make it easier for bug hunters to do their thing.
- Apple originally said it would do this in August 2019.
During the Black Hat security conference last year, Apple said that it intended to provide special iPhones to bug hunters. The idea was to help them find bugs so that Apple could squash them and the company is now coming good.
The Apple Security Research Device Program is now a thing (opens in new tab) and it will allow specially selected researchers to get their hands on devices that are built specifically with their needs in mind.
For starters, SSH access is available without the need for jailbreaking. And while these devices have previously existed inside Apple, this is the first time they've been made directly available to security researchers.
The Security Research Device (SRD) is intended for use in a controlled setting for security research only. Shell access is available, and you'll be able to run any tools and choose your entitlements. Otherwise, the SRD behaves as closely to a standard iPhone as possible in order to be a representative research target.
Apple is understandably controlling who gets their hands on these new iPhones, but don't worry. If you miss out this year you can apply again – but not until next year!
Participation in the Security Research Device Program is subject to review of your application. Device availability is limited. Devices will not be available for all qualified applicants in the initial application period. Qualified applicants who do not receive a device during this period will automatically be considered during the next application period in 2021.
Apple clearly hopes that by making it easier for researchers to find issues, those same researchers will take part in its bug bounty program and help Apple make iPhones more secure than ever. That's good news for all of us, not just Apple.
