For example, the security-research devices are not the same as Apple's own internal development prototypes, known as "dev-fused" iPhones, which are much more flexible and open than consumer iPhones and leave many iOS security features disabled. Outside professionals can investigate iOS from different angles, helping find problems that may arise after an attacker bypasses iOS defenses.Īpple says that it carefully designed the research devices to behave like consumer products and give researchers as much insight as possible without inadvertently creating exposure or risk for the hundreds of millions of iOS devices deployed around the world. The new research phones serve as something of an olive branch, with the added benefit of helping shore up iPhone security. Historically, relationships between Apple and the security industry have been strained, in part because Cupertino has offered so little visibility into iOS. If researchers "find, test, validate, verify, or confirm" a vulnerability using one of the special iPhones, they must report it to Apple-and any relevant third parties-under the terms of the loan agreement. The company will loan the devices for a year with the possibility to renew, and participants will also gain access to new security forums focused on the devices. Starting today, you can apply to get your hands on one.Īpple is opening its security research device program to analysts with an established track record of finding iOS bugs, as well as those with expertise in other platforms who want to start on iOS. The idea was to offer a device that had fewer constraints, allowing researchers to home in on security vulnerabilities more easily, without first having to work around standard iOS defenses. Last August, Apple announced that it would distribute special iPhones to elite security researchers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |