Apple announced the 2024 iPhone Security Research Device Program for interested researchers to tinker with the latest iPhone 14 Pros and surface any vulnerabilities as they find them.
All these findings will automatically be considered in the Apple Security Bounty, and be rewarded accordingly. The device is provided as a 12-month renewable loan, and should be handled with the authorised tester only, in his facility.
Apple’s Security Research Device Program
Apple this week announced a rewarding program for security researchers that identify bugs in their latest iPhones, calling it the Apple Security Research Device Program, and will send the iPhone 14 Pro for testing.
Interested security researchers can start applying for this program, which will end on October 31st. All the applications will be evaluated by the end of the year and selected candidates will be informed early next year.
Selected security researchers will work with Apple’s security teams to help protect users and their findings will automatically be considered for Apple Security Bounty rewards. The selection process involves studying the applicant’s track record in security research, including on platforms other than iPhone.
Universities too are allowed to participate and use the device and findings as instructional aid in Computer Science courses. The device – iPhone 14 Pro, comes with shell access and has disabled security features for tinkering as desired, including customising the kernel.
Given as a 12-month renewable loan, researchers can use the SRD(iPhone 14 Pro) to:
- Install and boot custom kernel caches.
- Run arbitrary code with any entitlements, including as platform and root outside the sandbox.
- Set NVRAM variables.
- Install and boot custom firmware for Secure Page Table Monitor (SPTM) and Trusted Execution Monitor (TXM), new in iOS 17.
Apple wants only the authorized people to handle the SRDs and it should never leave the premises of their research facility.
Other Trending News:- News
