Apple has decided to set up a program allowing security researchers to better track iPhone vulnerabilities, reports Numerama . Through the Security Research Device (SRD), the American giant will distribute iPhones different from those found on the market. These devices will be devoid of certain restrictions, which will allow researchers to save time tracking down vulnerabilities by launching hacking tools, without having to bypass the native defenses of the operating system.
Apple will provide this iPhone SRD in exchange for strict compliance with the specifications. Thus, candidates should have experience in finding vulnerabilities on iOS. If they are selected, specialists will be able to access additional tools provided by the American giant and will be able to consult forums specifically dedicated to these devices.
Apple wants to control everything
In addition, in case of discovery of flaws in their OS, Apple imposes restrictions which are difficult to pass with certain cybersecurity players. As soon as a vulnerability is discovered, the specialist will have to inform Apple according to a detailed procedure and remain silent. Indeed, "Apple requires itself to set the dates for the repair and disclosure process for vulnerabilities," reports Numerama .
This requirement is far removed from the habits of the IT security community. At Google Project Zero, researchers give companies a month and a half to fix the flaws, once they are disclosed. As a result, the Google unit, which is renowned in the field of vulnerability research, will not participate in the SRD program.
High Tech
Apple: The brand is committed to being completely carbon neutral by 2030
High Tech
Apple launches podcast, offers daily newsletter
- Science
- High Tech
- Piracy
- Iphone
- Apple