Apple Invites Researchers to Apply for Special iPhone Designed for Finding Vulnerabilities

[MacRumors]

Apple today announced that it is accepting applications for its 2024 iPhone Security Research Device Program, allowing security researchers to get specialized Apple devices that make it easier to find critical iOS vulnerabilities.

The iPhone Security Research Device Program (SRDP) has been around since 2019, and researchers have used it to locate 130 high-impact security vulnerabilities. Apple says that researchers have helped it to implement "novel mitigations" for protecting iOS devices.

Over the course of the last six months, program participants have received 37 CVE credits for their findings, and have contributed to improvements for the XNU kernel, kernel extensions, and XPC services.

Researchers who participate in the SRDP are eligible for Apple Security Bounty payouts. Apple has rewarded more than 100 reports from SRDP researches, and says that "multiple awards" have reached $500,000 with a median award of close to $18,000.

The iPhone 14 Pro research devices that Apple provides to participants feature special hardware and software designed for security research. Researchers are able to configure or disable the iOS security protections to manipulate them in ways not possible with a standard iPhone.

SRDs are available to security researchers who have a track record in security research both on the iPhone and other platforms, plus Apple is making devices available to university educators who want to use it as a teaching tool for computer science students.

Apple selects a limited number of participants each year to receive a research device, and applications are open until October 31, 2023. Selected participants will be notified in early 2024.

Article Link: Apple Invites Researchers to Apply for Special iPhone Designed for Finding Vulnerabilities

 

[hacky]

Very nice! Hopefully this is going to make iOS even more secure!

 

[MrENGLISH]

I can only show you the door. You're the one who has to walk through it.

 

[TVreporter]

That's clearly not a part-time job or a mat-leave position.

 

[Spaceboi Scaphandre]

Mmm I love a good terminal.

Wish I could get my hands on this iPhone. The fun things I could do with an iPhone that had root access just has me salivating.

Alas, I'll just have to wait until Apple's forced to enable sideloading next year.

 

[now i see it]

and of course, one of these phones doesn’t end up in the hands of a nation-state hacker. Of course not.

 

[hacky]

Alas, I'll just have to wait until Apple's forced to enable sideloading next year.

This! Sideloading will get iPhone to another level.

And the best thing is - it is optional. You don't have to sideload anything if you don't want to!

 

[hacky]

and of course, one of these phones doesn’t end up in the hands of a nation-state hacker. Of course not.

One would believe, they already have known exploits on hand.

 

[gpat]

Just sell it on the Apple Store so I can have my jailbreak.

 

[erikkfi]

This! Sideloading will get iPhone to another level.

And the best thing is - it is optional. You don't have to sideload anything if you don't want to!

But you wouldn't know it from all the off-base comments that oppose free installation of applications on one's own device even though that's been possible on most other categories of personal computing device since they were invented.

 

[hacky]

But you wouldn't know it from all the off-base comments that oppose free installation of applications on one's own device even though that's been possible on most other categories of personal computing device since they were invented.

The funniest thing is, that sideloading (on iOS/iPadOS) is in fact possible already just now.

https://developer.apple.com/programs/
- for free you can selfsign and sideload any app and it will be valid for 7 days - you can automate it via Sideloadly
- or you can pay 99 USD to Apple for the Developer Program and your app will be valid for 1 year

So sideloading is already there. It's just paid. So the whole debate should not be about possibility of sideloading, but rather about that it will be available to all for free for unlimited time. And that's just great for everyone, right?

I don't understand arguments of naysayers about security - if security would be a problem - the problem is there already, because sideloading is already there and always has been.

 

[gallico916]

Allowing RCS in text messages will solve a lot of security issues
Fun fact: When you text an Android user (green bubble), Apple uses the same security protocol from 1994 when the SMS came out.

Now, people will shout and say buy an iPhone, but iPhone is predominate in the USA only; most countries in the world its 20% or less with some counties at 7% or less.

 

[75Batt]

Allowing RCS in text messages will solve a lot of security issues
Fun fact: When you text an Android user (green bubble), Apple uses the same security protocol from 1994 when the SMS came out.

Now, people will shout and say buy an iPhone, but iPhone is predominate in the USA only; most countries in the world its 20% or less with some counties at 7% or less.

Well that’s just wrong

 

[sw1tcher]

Apple today announced that it is accepting applications for its 2024 iPhone Security Research Device Program, allowing security researchers to get specialized Apple devices that make it easier to find critical iOS vulnerabilities.

The iPhone Security Research Device Program (SRDP) has been around since 2019, and researchers have used it to locate 130 high-impact security vulnerabilities.

I wonder if NSO Group will apply to get one

Very nice! Hopefully this is going to make iOS even more secure!

Yeah, hopefully...

Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say

Following the news of widespread commercial hacking spyware on targeted iPhones, a large number of security researchers are now saying that Apple...

www.macrumors.com

 

[hacky]

Well that’s just wrong

Why? Do you have any sources on such claim?

SMS protocol is old and is not secure at all when sent over 2G network.

And it's true that iMessage is not prevalent at all in other part of the world other than USA. I mean you can just check iOS share in the Europe and it gets you picture.

 

[Apple_Robert]

I am glad Apple is doing this to try and keep us safer.

 

[MrTemple]

The funniest thing is, that sideloading (on iOS/iPadOS) is in fact possible already just now.

https://developer.apple.com/programs/
- for free you can selfsign and sideload any app and it will be valid for 7 days - you can automate it via Sideloadly
- or you can pay 99 USD to Apple for the Developer Program and your app will be valid for 1 year

So sideloading is already there. It's just paid. So the whole debate should not be about possibility of sideloading, but rather about that it will be available to all for free for unlimited time. And that's just great for everyone, right?

I don't understand arguments of naysayers about security - if security would be a problem - the problem is there already, because sideloading is already there and always has been.

You say you don’t understand the argument. And you don’t understand the difference.

I’m going to try to explain…

Tech enthusiasts can already get pretty much whatever they need onto their iPhones.

But tech novices (a HUUUUGE portion of iOS users) cannot.

After sideloading is built-in it becomes MUCH easier to do it. For everybody.

A few years after sideloading everybody is going to have a way to save 30% if you follow the three steps on their site to sideload their app instead of getting it through the AppStore. Netlix/Disney+, Epic Games, whatever the latest fad AI app or messaging plugin or whatever, they’ll all have a strong incentive for themselves and their customers to do it.

And plenty will sideload. It will become part of using an iPhone.

This isn’t a HUGE problem for those trusted developers. But it’s the normalized behaviour that opens the door for tons more malware installs.

Grandpa Jim followed three simple steps he saw on Facebook to sideload his MLB app before and save $30. He guesses he has to do it again to get the MLB playoffs update. 🤷‍♂️ Only it’s malware disguised as from MLB. 🤦‍♂️

“But this can happen on a Mac!”

Yup. But these tech novices don’t install apps on their macs (if they even have PCs), they certainly don’t install Mac apps from outside the AppStore. They use Safari for EVERYTHING.

A HUGE portion of the iPhone user base (at least 95%) are nowhere near as tech savvy as you or me, and probably at least half of them are Grampa Jims.

TL;DR: Having effectively no way for Grampa Jim to get himself in trouble with malware means the iPhone is safe for that hundred million people who know nothing about tech. Opening up sideloading for us nerds (who don’t actually NEED it to sideload), means you make the iPhone MASSIVELY less safe for the 100M Grampa Jims who will easily be scammed into sideloading malware.

 

[hacky]

You say you don’t understand the argument. And you don’t understand the difference.

I’m going to try to explain…

Tech enthusiasts can already get pretty much whatever they need onto their iPhones.

But tech novices (a HUUUUGE portion of iOS users) cannot.

After sideloading is built-in it becomes MUCH easier to do it. For everybody.

A few years after sideloading everybody is going to have a way to save 30% if you follow the three steps on their site to sideload their app instead of getting it through the AppStore. Netlix/Disney+, Epic Games, whatever the latest fad AI app or messaging plugin or whatever, they’ll all have a strong incentive for themselves and their customers to do it.

And plenty will sideload. It will become part of using an iPhone.

This isn’t a HUGE problem for those trusted developers. But it’s the normalized behaviour that opens the door for tons more malware installs.

Grandpa Jim has sideloaded his MLB app before to save $30, I guess he has to do it again to get the MLB playoffs update. Only it’s malware disguised as from MLB.

These tech novices don’t install apps on their macs (if they even have PCs), they certainly don’t install Mac apps from outside the AppStore.

A HUGE portion of the iPhone user base (at least 90%) are nowhere near as tech savvy as you or me, and probably at least half of them are Grampa Jims.

TL;DR: Having effectively no way for Grampa Jim to get himself in trouble with malware means the iPhone is safe for that hundred million people who know nothing about tech. Opening up sideloading for us nerds (who don’t actually NEED it to sideload), means you make the iPhone MASSIVELY less safe for the 100M Grampa Jims.

Well your whole post is not based on facts but on massive assumptions.

• You automatically assume it will be much easier to sideload. Yet you don't have any factual data to this. It may be behind multiple warnings and settings and you may require to do some stuff (i.e. allow it manually via computer) in order to allow this. There's no exact specification out yet, so we don't know how exactly will sideload work.
• You assume plenty will sideload. This just does not have any factual basis. Many Apple users trust the ecosystem and Apple claims about security of App Store. We really don't know how widespread will sideload be. It may be minority thing.
• You assume grandpa Jim sideload just to save $30. Where would grandpa Jim get this app? Is he browsing torrents or warez sites? Really? Does he really want to go beyond Apple ecosystem and convenience just to save $30 when he bought 1000 USD phone already?
• You assume there will be no security measure in place when installing potential malware to your device. There easily may be.
• You forget about sandbox. iPhone has sandbox built in. No app is able to access other app's data or features that you did not allow permissions to.

So I disagree with you, because it's just your assumptions and your opinions without any factual base at this point. You may be right, but you may be totally wrong too.

 

[erikkfi]

I don't understand arguments of naysayers about security - if security would be a problem - the problem is there already, because sideloading is already there and always has been.

The answer on security is that no matter what, people should be able to download and install what they want, if they want to. The OS needs to be hardened enough to account for that.

 

[twolf2919]

This! Sideloading will get iPhone to another level.

And the best thing is - it is optional. You don't have to sideload anything if you don't want to!

I think folks don't fully understand the security risks side loading may introduce to them even if they choose not to. For example, suppose you and your family are happy iPhone users. You may share the same Apple ID or, more likely, share various Apple services such as iCloud Storage. You think side loading is unsafe and tell everyone they shouldn't. But does your daughter listen? Of course not. She side loads an app from a questionable app store and now has some malware on her iPhone. That malware then gets to all your shared data and services and, potentially even spreads to the other phones via the shared services.

I maintain that Apple should not be forced to allow side-loading. The folks who want to side-load have a perfectly legitimate choice: get an Android phone. Side loading creates an unlocked door into Apple's security apparatus and the folks who are happy that there's only one app store and who depend on Apple's security will be negatively affected - guaranteed.

 

[hacky]

I think folks don't fully understand the security risks side loading may introduce to them even if they choose not to. For example, suppose you and your family are happy iPhone users. You may share the same Apple ID or, more likely, share various Apple services such as iCloud Storage. You think side loading is unsafe and tell everyone they shouldn't. But does your daughter listen? Of course not. She side loads an app from a questionable app store and now has some malware on her iPhone. That malware then gets to all your shared data and services and, potentially even spreads to the other phones via the shared services.

I maintain that Apple should not be forced to allow side-loading. The folks who want to side-load have a perfectly legitimate choice: get an Android phone. Side loading creates an unlocked door into Apple's security apparatus and the folks who are happy that there's only one app store and who depend on Apple's security will be negatively affected - guaranteed.

Please read my post here https://forums.macrumors.com/thread...finding-vulnerabilities.2400054/post-32417133

It's totally for you I believe. Sideloading is already supported right now. It's just somehow paid. But you can push any code to your device just now. So nothing changes from the security standpoint.

Also

That malware then gets to all your shared data and services and, potentially even spreads to the other phones via the shared services.

That's not how iOS security architecture works. Every app is sandboxed and thus can not access any other's app data nor it can access features you don't allow permissions to.

I maintain that Apple should not be forced to allow side-loading.

I disagree with this and so does EU thankfully.

 

[MrTemple]

Well your whole post is not based on facts but on massive assumptions.

• You automatically assume it will be much easier to sideload. Yet you don't have any factual data to this. It may be behind multiple warnings and settings and you may require to do some stuff (i.e. allow it manually via computer) in order to allow this. There's no exact specification out yet, so we don't know how exactly will sideload work.
• You assume plenty will sideload. This just does not have any factual basis. Many Apple users trust the ecosystem and Apple claims about security of App Store. We really don't know how widespread will sideload be. It may be minority thing.
• You assume grandpa Jim sideload just to save $30. Where would grandpa Jim get this app? Is he browsing torrents or warez sites? Really? Does he really want to go beyond Apple ecosystem and convenience just to save $30 when he bought 1000 USD phone already?
• You assume there will be no security measure in place when installing potential malware to your device. There easily may be.
• You forget about sandbox. iPhone has sandbox built in. No app is able to access other app's data or features that you did not allow permissions to.

So I disagree with you, because it's just your assumptions and your opinions without any factual base at this point. You may be right, but you may be totally wrong too.

I don’t think you understood at all.

Look at the number of those companies who already have a 3-step (or 10-step) process for signing up for subscription and/or purchasing things as a way to prevent Apple getting its cut through purchasing inside their app.

PLENTY of Grampa Jims do that. When Netflix.com has a page that shows him very simply how to save 30% per month, you can be damned sure an awful lot of them do that. Not all, not most. But plenty.

These are the same people who get scammed by the thousands and thousands to put their credit card into the wrong page. Not netflix.com, but netflix.com.save.biz.

These scams exist and work.

When MLB.com has a page telling Grampa Jim how to easily side-load their app, three simple steps, he will sideload that app just like he’s done for a subscription to save 30%.

Just like Grampa Joe did and saved 30% on MLB.com.

So when MLB.com.save.biz has that page that looks identical to mlb.com, plenty of Grampa Jims will use it.

It’s the IDENTICAL scam.

It works.

It will work for sideloading.

Man I HOPE you’re right that sideloading will be incredibly difficult, but clicking through a dialog or two aren’t good enough. That behaviour will be normalized (he and Joe have already done it successfully a few times).

And the idea that an iPhone can prevent the install of malware is pie-in-the-sky dreaming. If you figure a way for a phone or a computer to prevent the install of malware, you’ve just made yourself a billion dollars from the IT security industry! 💰 💰 💰

Now I’m not weighing in on whether or not this problem is big enough to prevent sideloading.

But can you see how it creates this vector for malware which didn’t exist before and which WILL be successful?

 

[hacky]

I don’t think you understood at all.

Look at the number of those companies who already have a 3-step (or 10-step) process for signing up for subscription and/or purchasing things as a way to prevent Apple getting its cut through purchasing inside their app.

PLENTY of Grampa Jims do that. When Netflix.com has a page that shows him very simply how to save 30% per month, you can be damned sure an awful lot of them do that. Not all, not most. But plenty.

These are the same people who get scammed by the thousands and thousands to put their credit card into the wrong page. Not netflix.com, but netflix.com.save.biz.

These scams exist and work.

When MLB.com has a page telling Grampa Jim how to easily side-load their app, three simple steps, he will sideload that app just like he’s done for a subscription to save 30%.

Just like Grampa Joe did and saved 30% on MLB.com.

So when MLB.com.save.biz has that page that looks identical to mlb.com, plenty of Grampa Jims will use it.

It’s the IDENTICAL scam.

It works.

It will work for sideloading.

Man I HOPE you’re right that sideloading will be incredibly difficult, but clicking through a dialog or two aren’t good enough. That behaviour will be normalized (he and Joe have already done it successfully a few times).

And the idea that an iPhone can prevent the install of malware is pie-in-the-sky dreaming. If you figure a way for a phone or a computer to prevent the install of malware, you’ve just made yourself a billion dollars from the IT security industry! 💰 💰 💰

Now I’m not weighing in on whether or not this problem is big enough to prevent sideloading.

But can you see how it creates this vector for malware which didn’t exist before and which WILL be successful?

If this is not just your subjective point of view but if you present your points as facts, please provide appropriate sources. Otherwise I stand by my last response. And I don't mean it in a wrong way.

Also comparison of sideloading with phishing is nonsensical.

Also sideloading is already there. You can already be forced into sideloading some app into your phone just now. Why is this not happening?

 

[MrTemple]

If this is not just your subjective point of view but if you present your points as facts, please provide appropriate sources. Otherwise I stand by my last response. And I don't mean it in a wrong way.

Also comparison of sideloading with phishing is nonsensical.

Also sideloading is already there. You can already be forced into sideloading some app into your phone just now. Why is this not happening?

Can you spend 10 seconds telling me you are actually discussing this in good faith? I feel like you’re not.

I already explained exactly how many legit companies offer simple steps to avoid the walled garden, and how that’s already a successful vector for bad actors (phishing for ccards).

And how those same outside-walked garden steps will be used for sideloading apps to save the 30% apple fee or avoid an Apple rule.

And how those SAME methods (phishing for installs) by bad actors will work for sideloading malware.

—

You say sideloading is already possible. But we’re talking about Grampa Jim here.

Can you explain how Grampa Jim can sideload now?

Because the change being discussed is basically making it like the Mac, where the steps will be: Download, disable one flag in settings like the picture shows on the howto page, click the app, hit a dialog. Steps that will be NORMALIZED by honest to goodness companies like Netflix, MLB, Epic Games, etc.

What are the current steps and how do they differ?

You know they differ massively, and this puts it all beyond the reach of Grampa Jim, or any consumer company’s howto page.

This is why I’m getting the impression you’re not discussing in good faith.

 

[Mr. Dee]

Apple should put a security feature in iOS anyone tries to hack it, Tim Cook just pops up on screen saying 'Goooooood moooooooorning' over and over.