Apple is reportedly set to provide security researchers with unique iPhone models that would allow them to more easily find weaknesses in iOS. Forbes reports that Apple will make this announcement at the Black Hat security conference later this week.
According to the report, the iPhones will be given to security researchers who participate in Apple’s invite-only bug bounty program. Through this program, researchers are rewarded for the iOS bugs they disclose to Apple. Apple first promised the availability of such iPhones in 2016.
What would be different about these iPhones compared to consumer models?
Despite that level of openness, these iPhones won’t be quite as unlocked as the devices seeded to internal Apple developers and members of its security team. For example, security researchers using these devices will likely not be able to decrypt iPhone firmware.
This program might also reduce the number of leaked developer devices, which have often been sold on the black market.
Elsewhere, the report claims that Apple is also set to launch a Mac bounty program. This would be similar to the iOS bug bounty, and reward security researchers for the vulnerabilities they discover in macOS.
Back in February, a security researcher detailed a macOS exploit to access Keychain passwords, but refused to share details with Apple due to its lack of a bug bounty program for macOS. Ultimately the researcher did share details of the vulnerability with Apple, despite the company not having publicly announced a bug bounty program.
We’ll likely learn more about both Apple’s new pre-jailbroken device program and the macOS bug bounty at the Black Hat conference this week. Apple’s head of security and engineering, Ivan Krstić, is set to give a talk on Thursday.