Apple today launched a new security program that will make it more convenient for researchers to identify vulnerabilities in iPhones. The Apple Security Research Device Program will provide bug hunters a specialized iPhone built only for research purposes.
These research devices feature “unique code execution and containment policies”, meaning it will run in a controlled environment. The phones include capabilities not normally found on consumer iPhones such as shell access to let researchers run any tool. Of course, Apple retains ownership of the devices, which will be loaned to researchers for a year on a renewable basis. Device holders are not allowed to use the phones for personal use and outside their registered premises.
The new initiative is open to members of the Apple Developer Program with experience in identifying security issues with Apple or other platforms. Also, only researchers based in Australia, Austria, Belgium, Canada, Czech Republic, Denmark, Finland, France, Germany, Hungary, Ireland, Italy, Japan, Luxembourg, Netherlands, Norway, Poland, Portugal, Spain, Sweden, Switzerland, UK, and the U.S. can join the program. Applicants are subject to Apple’s review process and device availability is limited for the initial round of application.