For years, Apple has been promoting its devices safer than its competitors, often by restricting access to its software, but is now ready to take a different path, and it will begin lending iPhones for the "SRD" to security researchers. So that they can discover the vulnerabilities of the device.
It is assumed that private security search phones will only be used by a controlled setup, and will have unprecedented access that regular iPhones do not have, such as access to the "shell root", and the ability to run custom software commands. Apple said that the phones are not designed for personal use, and should remain at the researchers ’headquarters at all times. In other words, this is not intended to be carried out.
The company said that if researchers find a vulnerability through the use of these phones, they must inform Apple or an appropriate third party if it is in a third party code, which means that the vulnerabilities will not be revealed to the public.
Apple will then attempt to resolve the issue and provide a "publish date" with these vulnerabilities after fixing them. Until then, researchers cannot share their findings with others. Techcrunch also reported that program participants will have access to comprehensive documentation and a dedicated forum with Apple engineers.
It is noteworthy that these devices will be available in limited form by Apple, and researchers need to submit an application to participate in the program.
The candidate must be an Apple Developer Program account holder, have a proven track record in discovering security issues, and be based in a country or region eligible to participate.
The Safety Search Appliance program will run in conjunction with the Error Rewards program, which was opened to all researchers last year. Participants can submit safety error reports and are likely to receive rewards of up to $ 1 million.