An Apple program that loans out special iPhones to security researchers has led to the discovery of 130 critical vulnerabilities.
Apple today reported the results from its iPhone Security Research Device Program, which dates back to 2019 and involves Cupertino supplying hacker-friendly iPhones built with fewer software restrictions to security researchers who hunt for bugs in the software.
It’s unclear how many phones Apple sent out, but it looks like the program is working as intended. “Since we launched the program in 2019, SRDP researchers have discovered 130 high impact, security-critical vulnerabilities and their insights have helped us implement novel mitigations to protect our platforms,” the company wrote in a blog post.
Apple is indicating that 37 vulnerabilities were found in the last six months. The researchers' work also contributed to the company bolstering the security of the XNU kernel for iOS, the core part of the operating system that hackers often target to gain root control.
Cupertino made the announcement as it’s re-inviting qualified security researchers to apply for the program. The company has been giving out the hacker-friendly iPhones selectively because the devices come with shell access, allowing the owner to run any software they’d like. Users also have the freedom to customize the software kernel.
This unrestricted access makes the device useful both to security researchers and to criminal hackers interested in uncovering iOS software vulnerabilities. Hence, Apple has only been loaning out a limited number of hacker-friendly iPhones each year and only to security researchers with a track record of finding software flaws.
In return, Apple has been compensating these researchers for their