Skip to main content
  1. Home
  2. Mobile
  3. News

Google lead says he’s ‘disappointed’ with Apple’s new iPhone security program

By

Apple’s new hacker-friendly iPhones offer security researchers unrestricted access to devices so that they can easily hunt down vulnerabilities and bugs. But Ben Hawkes, technical lead at Project Zero, a team at Google tasked with discovering security flaws, says he’s “pretty disappointed” with Apple’s latest security program.

Hawkes, in a Twitter thread, said that its team won’t be able to take advantage of Apple’s “Security Research Device” (SRD) iPhones since it appears to exclude security groups that have a policy to publish their findings in three months.

Recommended Videos

Every time a security researcher discovers a vulnerability, they offer the company a period of time to patch it before it is publicly reported. Project Zero, like many security researchers, has a 90-day policy. However, Apple has kept the control of the timeline to itself and developers who sign up for this new iPhone security program have to agree that they can’t disclose the issues they find until Apple allows them to.

Related

“If you report a vulnerability affecting Apple products, Apple will provide you with a publication date (usually the date on which Apple releases the update to resolve the issue). Apple will work in good faith to resolve each vulnerability as soon as practical. Until the publication date, you cannot discuss the vulnerability with others,” notes the SRD program’s sign-up page.

Project Zero is one of the most widely regarded research groups, and since early 2015, it has reported over 350 security vulnerabilities to Apple.

“We’ll continue to research Apple platforms and provide Apple with all of our findings because we think that’s the right thing to do for user security. But I’ll confess, I’m pretty disappointed,” Hawkes added in a tweet.

Apple’s Security Research Device program has been long overdue and was first mentioned last year at the Black Hat security conference by the company’s head of security, Ivan Krstic. Over the past year or two, iPhone’s security has been found lax and compromised on multiple occasions. The new program ensures eligible developers don’t have to go out of their way to hack into iPhones for research purposes and allows them to access the device’s core components to unearth any potential vulnerabilities.

Security researchers can now sign up to request an SRD on a 12-month renewable basis.

Editors’ Recommendations

Topics
Shubham Agarwal
Shubham Agarwal
Former Digital Trends Contributor
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Google Gemini arrives on iPhone as a native app
the Google extensions feature on iPhone

Google announced Thursday that it has released a new native Gemini app for iOS that will give iPhone users free, direct access to the chatbot without the need for a mobile web browser.

The Gemini mobile app has been available for Android since February, when the platform transitioned from the older Bard branding. However, iOS users could only access the AI on their phones through either the mobile Google app or via a web browser. This new app provides a more streamlined means of chatting with the bot as well as a host of new (to iOS) features.

Read more
I tried a new Android phone that puts some of the best smartphone cameras to shame
The rear camera setup on the Oppo Find X8 Pro.

It’s been a few years since I was surprised by a smartphone camera’s zoom performance. With Samsung offering 100x zoom on its Galaxy S Ultra lineup, little has shocked me with smartphone cameras — until now.

The Oppo Find X8 series is the successor to the Find X7 series from last year, and alongside several other improvements, there’s also been a significant upgrade in one area: the 30x zoom. Oppo and OnePlus have great cameras at shorter zoom distances, and at a recent briefing, I discovered that we can now add the 30x zoom to the list.

Read more
A must-try Android app has finally arrived on the iPhone
Person holding a phone with Google Gemini Live being shown.

A few days ago, Google Gemini appeared in the Apple App Store for a user in the Philippines, who was even able to download it. We took it as a sign that the new AI assistant would soon make its way to the App Store in the U.S. Well, we were right, as you can now download Gemini as a standalone app on your iPhone, after previously only being able to access it through a browser.

The Gemini app is free to download and has a surprising number of features available. More powerful functions are available for a $20-per-month subscription, but you can try Gemini Advanced out for one month for free. It grants priority access to new features and gives a "1 million token" context window.

Read more