Apple’s head of security Ivan Krstic announced last year at the Black Hat security conference that the company would give its most-trusted researchers ‘Dev Device’ iPhones to find and report security vulnerabilities that Apple can fix and today, it has started loaning these special devices to skilled and vetted researchers (via TechCrunch).
Under its iOS Security Research Device program, Apple is handing out these ‘hacker friendly’ research iPhones with specific, custom-built iOS software with features that ordinary iPhones don’t have, such as SSH access and a root shell to run custom commands with unprecedented access to the software.
Apple wants the program to be “more of a collaboration rather than shipping out a device and calling it a day.” Hackers in the research device program will also have access to extensive documentation and a dedicated forum with Apple engineers to answer questions and get feedback.
By giving its best hackers effectively an up-to-date and pre-jailbroken iPhone with some of its normal security restrictions removed, Apple wants to make it easier for trusted security researchers and hackers to find vulnerabilities deep inside the software that haven’t been found before.
But as much as these research phones are more open to hackers, Apple said that the devices don’t pose a risk to the security of any other iPhone if they are lost or stolen.
Apple says the research device program will run parallel to its existing bug bounty program.