The security experts participating in Apple’s Security Research Device (SRD) Program may soon be receiving their hacker-friendly iPhones. According to MacRumors, the tech giant has notified the first batch of participants that their SRD phones will be sent out right away. iPhones for the program behave like their standard counterparts, but they provide security researchers with more access so participants can run any tools they need to be able to find vulnerabilities.
Apple first announced the program back in July “to help improve security for all iOS users.” Researchers will get to keep the SRD phones they’re provided for 12 months, but it’s on a renewable basis if they want to keep participating after the year is up. They’re obligated to report any vulnerability they find, test or validate on the research device to Apple or to the developer if the bug is in a third-party code. That said, participants can still take part in Apple’s bug bounty program, which has payouts that reach $1 million. They just have to make sure not to use their SRD iPhones for any aspect of the research they’re doing for the particular vulnerability they’re submitting.
Since the program has limited devices to distribute, the company only chose researchers with proven track record of success in finding security issues on Apple platforms from among the applicants. It sounds like the program will be around for a while, because the company says applicants who weren’t chosen for this round “will automatically be considered during the next application period in 2021.”
Author: Mariella Moon, @mariella_moon