Apple has announced the new Apple Security Research Device Program that will get security researchers access to unlocked iPhones that do not have the usual protections that prevent arbitrary code executions as well as other security implementations in iOS on the iPhone has. This will allow security researchers to analyze the core of the iOS operating system in an attempt to identify potential exploits and other security issues that need to be fixed. Apple had announced the plans for the Security Research Device Program a few months ago and is now asking security researchers to sign up.
Not everyone can sign up for this though claiming to be a security researcher. The application criteria clearly mention that only someone with “a proven track record of success in finding security issues on Apple platforms, or other modern operating systems and platforms” can apply. Apart from other criteria which require them to be an Apple Developer Program member, must be above the age of 18 years and must not reside in any countries embargoed by the US Government.
The idea behind the Apple Security Research Device Program is to allow third-party security researchers access to some of the same tools that Apple’s own internal security teams have, to find vulnerabilities that may have remained unidentified. All researchers who are part of this program are required to immediately report any vulnerabilities or security issues that they find, to Apple. “If you use the SRD to find, test, validate, verify, or confirm a vulnerability, you must promptly report it to Apple and, if the bug is in third-party code, to the appropriate third party,” state the conditions for the program.