Skip to main content
  1. Home
  2. Mobile
  3. News

Google lead says he’s ‘disappointed’ with Apple’s new iPhone security program

By

Apple’s new hacker-friendly iPhones offer security researchers unrestricted access to devices so that they can easily hunt down vulnerabilities and bugs. But Ben Hawkes, technical lead at Project Zero, a team at Google tasked with discovering security flaws, says he’s “pretty disappointed” with Apple’s latest security program.

Hawkes, in a Twitter thread, said that its team won’t be able to take advantage of Apple’s “Security Research Device” (SRD) iPhones since it appears to exclude security groups that have a policy to publish their findings in three months.

Recommended Videos

Every time a security researcher discovers a vulnerability, they offer the company a period of time to patch it before it is publicly reported. Project Zero, like many security researchers, has a 90-day policy. However, Apple has kept the control of the timeline to itself and developers who sign up for this new iPhone security program have to agree that they can’t disclose the issues they find until Apple allows them to.

Related

“If you report a vulnerability affecting Apple products, Apple will provide you with a publication date (usually the date on which Apple releases the update to resolve the issue). Apple will work in good faith to resolve each vulnerability as soon as practical. Until the publication date, you cannot discuss the vulnerability with others,” notes the SRD program’s sign-up page.

Project Zero is one of the most widely regarded research groups, and since early 2015, it has reported over 350 security vulnerabilities to Apple.

“We’ll continue to research Apple platforms and provide Apple with all of our findings because we think that’s the right thing to do for user security. But I’ll confess, I’m pretty disappointed,” Hawkes added in a tweet.

Apple’s Security Research Device program has been long overdue and was first mentioned last year at the Black Hat security conference by the company’s head of security, Ivan Krstic. Over the past year or two, iPhone’s security has been found lax and compromised on multiple occasions. The new program ensures eligible developers don’t have to go out of their way to hack into iPhones for research purposes and allows them to access the device’s core components to unearth any potential vulnerabilities.

Security researchers can now sign up to request an SRD on a 12-month renewable basis.

Editors' Recommendations

Topics
Shubham Agarwal
Shubham Agarwal
Journalist
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
The Apple Watch is the best iPhone camera accessory you didn’t know you needed
A person wearing an Apple Watch Series 9, made for the OuttaFocus column.

Photo taken with an iPhone 15 Pro Max controlled using an Apple Watch Series 9. Andy Boxall / Digital Trends

Smartwatches and cameras rarely go together very well. We’ve seen smart wristwear with cameras fitted in the past, but the combination wasn’t very successful, and few manufacturers even bother today.

Read more
This is the iPhone concept of my dreams
iPhone concept mimicking iPad Pro desgn.

It’s an odd day to be talking about iPhone design. Yesterday, Apple delivered what can be called the pinnacle of tablet aesthetics with the 2024 iPad Pro, which is even slimmer than the iPod Nano. Today, Bloomberg reports that Duncan Kerr -- a design executive from the legendary Jony Ive group and was a key figure behind the iPhone, iPad, and Mac products since 1999 -- is leaving the company.

It’s a great loss for Apple and disheartening news for iPhone enthusiasts. Apple almost seems obsessed with the design language it introduced with the iPhone 11 series. And if recent leaks are any indication, we are going back to the iPhone X days with the non-Pro iPhone 16 models later this year.

Read more
A big iPhone update is right around the corner
An iPhone 15 Pro Max sitting upright, showing one of its home screens.

With announcements for 2024 models of the iPad Air and iPad Pro, today's been a busy day of Apple news. But the iPad isn't the only Apple product in the news today. Following the big announcements from its event earlier this morning, Apple also shared some important news regarding the next iPhone update.

As of Tuesday, May 7, Apple has begun rolling out RC builds for iOS 17.5. RC stands for "Release Candidate," and it's the last beta version of a software update that Apple releases before its final public rollout. In other news, the official iOS 17.5 update should be right around the corner.

Read more