|Apple Opens IPhone To Security Researchers|
|Written by Kay Ewbank|
|Thursday, 15 August 2019|
Apple is increasing its support for security researchers with special iPhones offering deeper access, and an increase in the upper limit paid to bug finders.
The announcements were made at this year's Black Hat cybersecurity conference in Las Vegas by Ivan Krstic, Apple's head of security.
The first part of the announcement applies to the special iPhones, which offer access to ssh, root shell, and what was described as ‘advanced debug capabilities.’ The new phones will be offered as part of what Krstic described as Apple's new iOS Security Research Device Program, which will roll out next year. While anyone can apply for one of the phones, they'll be on a strictly limited basis for qualified researchers. Krstic said that:
“This is an unprecedented fully Apple supported iOS security research platform.”
Alongside the new program, Krstic also announced details of increases to the amounts Apple will pay to researchers who find bugs. The bounty program is now open to anyone; until now, you had to be invited to take part. It will also be open to security vulnerabilities found in all Apple platforms, including not just iOS but macOS, tvOS, and watchOS. The amount offered has also been increased from the current limit of $200,000 up to a maximum $1 million.
Apple has been criticized by security researchers for not paying for vulnerabilities found in its operating systems other than iOS. Back in February, a freelance security researcher found a weakness in MacOS that he showed could be exploited by malware to gain access to passwords, private keys, and tokens from the user's keychain. The researcher, Linus Henze, refused to submit the details to Apple as the company at that point wasn't paying anything for MacOS flaws.
From now on, Apple will pay no matter which operating system is compromised, with the increased limits rising from $100,000 for a successful physical access attack that manages to bypass an iPhone's lock screen or unauthorized access to a user's iCloud account, to $1 million for a zero-click, full chain kernel code execution attack with persistence, such as a hacker managing to gain complete control of an iPhone without the user doing anything.
Apple also promised that anyone finding and reporting a vulnerability in pre-release software before general release will get up to 50 percent more than the normal bounty for that category of vulnerability.
or email your comment to: firstname.lastname@example.org