Skip to main content

Google lead says he’s ‘disappointed’ with Apple’s new iPhone security program

Apple’s new hacker-friendly iPhones offer security researchers unrestricted access to devices so that they can easily hunt down vulnerabilities and bugs. But Ben Hawkes, technical lead at Project Zero, a team at Google tasked with discovering security flaws, says he’s “pretty disappointed” with Apple’s latest security program.

Hawkes, in a Twitter thread, said that its team won’t be able to take advantage of Apple’s “Security Research Device” (SRD) iPhones since it appears to exclude security groups that have a policy to publish their findings in three months.

Every time a security researcher discovers a vulnerability, they offer the company a period of time to patch it before it is publicly reported. Project Zero, like many security researchers, has a 90-day policy. However, Apple has kept the control of the timeline to itself and developers who sign up for this new iPhone security program have to agree that they can’t disclose the issues they find until Apple allows them to.

“If you report a vulnerability affecting Apple products, Apple will provide you with a publication date (usually the date on which Apple releases the update to resolve the issue). Apple will work in good faith to resolve each vulnerability as soon as practical. Until the publication date, you cannot discuss the vulnerability with others,” notes the SRD program’s sign-up page.

Project Zero is one of the most widely regarded research groups, and since early 2015, it has reported over 350 security vulnerabilities to Apple.

“We’ll continue to research Apple platforms and provide Apple with all of our findings because we think that’s the right thing to do for user security. But I’ll confess, I’m pretty disappointed,” Hawkes added in a tweet.

Apple’s Security Research Device program has been long overdue and was first mentioned last year at the Black Hat security conference by the company’s head of security, Ivan Krstic. Over the past year or two, iPhone’s security has been found lax and compromised on multiple occasions. The new program ensures eligible developers don’t have to go out of their way to hack into iPhones for research purposes and allows them to access the device’s core components to unearth any potential vulnerabilities.

Security researchers can now sign up to request an SRD on a 12-month renewable basis.

Editors' Recommendations

Shubham Agarwal
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Let’s be clear, Apple — it’s time to make a transparent iPhone
Deep Purple iPhone 14 Pro with Beats Studio Buds+ in Transparent

Apple has released a new product that's gotten a lot of attention because of an awesome new color option. No, it’s not an iPhone, iPad, or even an Apple Watch. Heck, it’s not even the AirPods Pro 2. So, what am I talking about?

Apple acquired Beats by Dre in 2014, and this week, Beats dropped the new Beats Studio Buds+, which are pretty similar to the AirPods Pro 2, but cost less dough. And they come in one of the coolest colors I’ve seen in a long time: transparent.

Read more
iOS 16.5 is bringing two exciting new features to your iPhone
apple launches ios 16 5 new pride wallpapers more wallpaper update

After about a month in the beta testing stage, Apple is finally rolling out iOS 16.5 to the public. This is a surprisingly nice update, as it includes a few new features and some bug fixes.

One of the headliner features of the iOS 16.5 update is the addition of new Pride Celebration wallpapers. This wallpaper can be used for the lock and home screens, and it is meant to honor the LGBTQ+ community and culture. This wallpaper is being released ahead of the Apple Watch Pride Edition Sport Band, which will be available starting on May 24.

Read more
I hate my iPhone’s keyboard, but this app made it better
Theming on SwiftKey

The iPhone does a lot of things right. From serving a secure environment, a smooth operating system, unmatched performance, and consistently good cameras, there are plenty of practically justifiable reasons to overlook any of the best Android phones in favor of a pricey iPhone.

Interestingly, Apple tends to take a conservatively slow approach when it comes to smartphone innovations and only serves them after nearly near-perfecting the formula. But the default iPhone keyboard is a tale of stagnation. Or, to put it more accurately, it’s absurdly feature-devoid and depressingly non-exciting.

Read more