Apple offers security researchers specialized iPhones to tinker with

Apple is inviting security researchers to apply for its Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties.

Apple started the Apple SRDP in 2019. In the intervening years, participating researchers have identified 130 security-critical vulnerabilities and have indirectly helped Apple implement security improvements in the XNU kernel, kernel extensions, and XPC services around the system.

A custom iPhone designed for security research

The Security Research Device (SRD) is a specially-built hardware variant of iPhone 14 Pro, with tooling and options that allow researchers to configure or disable many advanced security protections of iOS.

Researchers can install and boot custom kernel caches on it, run arbitrary code, start services at startup, persist content across restarts, and more.

“With this device, a researcher can side-load content that runs with platform-equivalent permissions and thus perform research on a platform that more closely models that of production devices,” the company notes.

“To help ensure that user devices aren’t affected by the security research device execution policy, the policy changes are implemented in a variant of iBoot and in the Boot Kernel Collection.”

Of course, the SRP device is not meant for regular use and to be carried around – among other things, the device starts up only while charging. It also can’t be mistaken for a regular user device, since the words Security Research Device are prominently displayed on the device itself and on the Lock Screen, during iBoot startup, etc.

Reported security issues will be eligible for awards under the Apple Security Bounty.

How to apply?

“Each year, we select a limited number of security researchers to receive an SRD through an application process that’s primarily based on a track record in security research, including on platforms other than iPhone,” the Apple Security Engineering and Architecture team explained.

“We’re also making SRDs available to select educators at the university level who would like to use it as a teaching tool to introduce computer science students to security research. Educators can request to authorize multiple users for use in their classroom or lab.”

Aspiring participants can apply for the program until October 31, 2023. Selected participants will be notified in early 2024.

“If your application is approved, we will provide you an SRD as a 12-month renewable loan. During this time, the device remains the property of Apple,” the company spells out.