Apple has provided its customers with the iPhone, which is one one the most secure mobile device on the market. The big tech company has updated its software with strong security features that keep its 2 billion iPhone users safe for the past years.
However, security researchers claimed that the updates will also make it impossible to find out want went wrong if the security features are breached. Techcrunch reported that Apple, which is one of the companies that claimed to be unbreachable, has started embracing hackers and security researchers in recent years.
Ivan Krstic, Apple’s head of security, told the crowd of security researchers at the Black hat security conference last year, that the company would give a “special” iPhone, with unprecedented access to the device’s underbelly, to its most-trusted researchers. The new iPhone product will make it easier to find and report the security issues, which Apple can integrate its iOS Security Research Device Program.
The company will start loaning its special research iPhones to vetted and skilled researchers n July 23, that meet the program’s eligibility. Specific, custom-built iOS software with features will be integrated into the research iPhones. SSH access and a root shell to run custom commands with the highest access to the software are included in the features.
Security researchers will also be able to run their codes more easily using the debugging tools, allowing them to have a better understanding of what is happening in the security’s surface. A collaboration of the program is expected by Apple, rather than shipping out the device and calling it a day. Security researchers will work together with Apple engineers, accessing documentation and a dedicated forum.
How will Apple create these special iPhones?
Some internal devices “dev-fused” were found to be tested and exploited in the underground marketplaces, by the security researchers. Those researchers who were not lucky to access the internal devices used “jailbreaking” to breach an ordinary iPhone to have accessibility.
However, the security researchers cannot use jailbreaks in the recent versions of the iPhone, making it more difficult for them to identify if the found vulnerabilities can be exploited or fixed. Apple still wants its trusted researchers and hackers to find vulnerabilities deep inside the software that haven’t been found yet.
But, Apple confirmed that although these iPhones are more open to hackers, to doesn’t pose serious threats to the security privacy of other iPhone products, even if it was stolen. The once-private bug bounty program, which was opened by Apple last year, was a move seen as a long-overdue and far later than most other tech companies.
The new program of the company will be a huge leap for its innovation. Apple may sometimes receive a report of the published works of hackers about iPhone bugs without any notification before the research was conducted. Hackers called this a “zero-day” because they don’t provide a time-frame for companies to patch.
Apple will request hackers to submit their works about security issues and other bugs so that the company’s engineers can fix it as soon as possible, which is under the policy of its bounty program. Hackers will be rewarded for their works that could make iPhones even stronger, protecting them against nation-state attacks and unwanted jailbreaks.