Apple Is Giving Away New Hacker-Friendly iPhones
Credit: Hadrian / ShutterstockToggle Dark Mode
Apple is known for its robust security. It typically sees fewer viruses and is less susceptible to attack than competing operating systems like Windows or Android. Apple’s growing use of security experts and hackers is one reason why iOS and macOS are secure. Now, the company is going one step further with new hacker-friendly iPhones designed to make it easier to find vulnerabilities.
According to TechCrunch, Apple’s new “open access” iPhone will be in the hands of the world’s best and most trusted security researchers for testing. These loaners will make it easy for experts to find, identify, and test flaws in iOS.
Not everyone who requests this phone will be given one. Apple is limiting this program to the researchers that meet the program’s strict requirements.
What Makes These iPhones So Unique?
These developer-mode iPhones ship with a custom version of iOS with access to core iOS functions. Researchers will have SSH and root access with shell command support. They can run custom commands and use the debugging tools to isolate and understand any security flaws they find.
This program is considered to be a collaborative effort between Apple and the security researchers. Security researchers will have access to Apple’s documentation and an exclusive forum to ask questions and receive answers from Apple engineers.
These open access phones are not new to Apple, though. The company regularly uses these development phones to test software and hardware features before they are released publicly. These phones occasionally make their way out of the research lab and into underground marketplaces.
This new program is an extension of another security initiative that paid hackers for finding flaws in Apple’s software. This “bug bounty” program paid researchers using a sliding scale based on the severity of the flaw. Hackers part of Apple’s new iPhone testing program are still encouraged to submit vulnerabilities they find and receive payments, reaching as much as $1 million for a zero-day vulnerability.
