There is now a way for security researchers to gain (legal) access to unlocked iPhone test devices which do not have the usual protections surrounding arbitrary code execution and other defences. Access to ‘rooted’ hardware enables security researchers to inspect core parts of the operating system more easily, which helps to track down exploits in the kernel and other low-level areas of the iOS operating system. Apple announced its plans to do this almost a year ago.
Researchers can apply to get this special hardware here. As you might expect, Apple will only let applicants who have a previous history of tracking down security bugs in its platforms apply.
Naturally, the test devices remain the property of Apple and are leased on a rolling twelve-month basis. Apple suggests that there is a limited quantity of these devices available, so not everyone who applies this year will get one. But applications will automatically roll over for possible eligibility in 2021.
The Security Research Device are specially programmed to provide open access to a shell, in addition to the ability to deploy tools without being held to the usual arbitrary code execution limits of iOS.
This allows third-party researchers access to the same kind of hardware that Apple’s internal security teams examine. The ability to try and attack lower-security devices can help find exploits and vulnerabilities that would otherwise be obfuscated and difficult to track down.
Apple hopes that opening up the program will ultimately result in more security bugs being fixed in its operating systems, for the benefit of all of its customers. Developers with SRD hardware have an obligation to report discovered vulnerabilities to Apple directly. Submissions of security issues will be eligible for the usual bounty rewards, as appropriate.
FTC: We use income earning auto affiliate links. More.