The security experts participating in Apple’s Security Research Device (SRD) Program may soon be receiving their hacker-friendly iPhones. According to MacRumors, the tech giant has notified the first batch of participants that their SRD phones will be sent out right away. iPhones for the program behave like their standard counterparts, but they provide security researchers with more access so participants can run any tools they need to be able to find vulnerabilities.
Apple first announced the program back in July “to help improve security for all iOS users.” Researchers will get to keep the SRD phones they’re provided for 12 months, but it’s on a renewable basis if they want to keep participating after the year is up. They’re obligated to report any vulnerability they find, test or validate on the research device to Apple or to the developer if the bug is in a third-party code. That said, participants can still take part in Apple’s bug bounty program, which has payouts that reach $1 million. They can use their research devices to identify bugs and submit them for bounty.
Since the program has limited devices to distribute, the company only chose researchers with proven track record of success in finding security issues on Apple platforms from among the applicants. It sounds like the program will be around for a while, because the company says applicants who weren’t chosen for this round “will automatically be considered during the next application period in 2021.”
Update 12/23/20 11:50PM ET: Edited to clarify that researchers can use their SRD iPhones to identify and research vulnerabilities for Apple’s bounty program.