Apple to Give Special ‘Dev Device’ iPhones to Security Researchers for Bug Testing
Apple will give jailbroken iPhones to third-party security researchers and hackers at the Black Hat security conference this week.
According to a new report from Forbes, Apple will announce plans to give iPhones to known hackers alongside the unveiling on its bug bounty program this week. The company is offering an impressive bounty of up to $200,000 USD to anyone able to identify security issues in Apple’s operating systems.
“The iPhones will be given to the rock star hackers that participate in the Cupertino company’s invitation-only bug bounty program, where participants disclose bugs in Apple products in return for monetary rewards,” reads the report. “The payments can go as high as $200,000, as announced at the 2016 Black Hat conference.”
The devices Apple is handing out to security researchers will essentially be “dev devices,” says one source familiar with the program. These iPhones will allow the user to do a lot more than they could on a traditionally locked-down iPhone. For instance, it should be possible to probe pieces of the Apple operating system that aren’t easily accessible on a commercial iPhone. In particular, the special devices could allow hackers to stop the processor and inspect memory for vulnerabilities.
Despite that level of openness, these iPhones will won’t be quite as unlocked as the devices seeded to internal Apple developers and members of its security team. For example, security researchers using these devices will likely not be able to decrypt iPhone firmware.
iPhone prototypes created for internal staff are very rare and popular with security researchers – these “pre-jailbroken devices” can fetch a hefty price as they can be used to find vulnerabilities by people with both good and bad intentions.
Apple’s decision to release such a device to white hat security researchers participating in the bug bounty program will allow the Cupertino company to more efficiently locate bugs, leading to faster fixes.