Advertisement

Apple is shipping out jailbroken iPhones and a bunch of stickers to bug bounty hunters

Here is the Apple Security Research Device with the swag that was included.
Apple is shipping jailbroken iPhones to third-party researchers who are part of its Security Research Device Program.Courtesy of Gergely Kalman
  • Images are circulating on social media of Apple's official jailbroken iPhones.

  • The Security Research Devices are shipped to professionals who try to find and report security bugs.

  • Third-party researchers who find new iOS vulnerabilities are eligible for financial rewards.

Jailbreaking iPhones — essentially, hacking iOS to remove security features — is a talking point on social media again.

But this time, Apple is the one doing the jailbreaking.

Gergely Kalman, a security researcher, posted a photo of a "Security Research Device," or SRD, a jailbroken iPhone 14 Pro sent to him by Apple, on X (formerly known as Twitter).

The photo also included a page of instructions for researchers and several promotional stickers with the device.

Kalman, who runs a cybersecurity firm based in Spain, said in the replies that he was "a bit shocked" at some of the jailbroken features.

Apple pre-jailbreaks the devices, allowing third-party researchers to probe for vulnerabilities without worrying about being locked out.

"What this essentially means is that the researchers can run arbitrary code, as an arbitrary user with arbitrary entitlements, giving them almost complete control over the device," Kalman told Business Insider.

The self-described "Apple-vetted hacker" noted that jailbreaks "usually don't exist" for the latest version of iOS. And when they do, they often accidentally compromise one or more crucial systems.

"Having an SRD as a security researcher is incredibly useful," he said.

Any new vulnerabilities found are reported to Apple and addressed by the iOS developers. Researchers who find new vulnerabilities are eligible for a financial reward.

For his part, Kalman has not yet found any iOS vulnerabilities himself. "Ask me in 6 months," he added.

Aside from the jailbreaking, the devices are essentially "identical" to normal iPhones, Kalman said.

"For all intents and purposes, this could function as a perfectly regular iPhone 14 Pro, but it's explicitly forbidden for us to use it as such — for obvious reasons," Kalman said.

Apple started offering so-called "bug bounties" in 2020, TechCrunch reported. Researchers are provided SRDs for 12-month periods, though access to the devices themselves is tightly controlled.

The bounties listed on Apple's security website range considerably; on the lower end of the spectrum, a $5,000 reward is available to researchers who manage to access an app by bypassing the lockscreen "without significant or very technical effort."

Those who find a new vulnerability allowing them to bypass the iOS Lockdown Mode — an exceptionally difficult feat — may be eligible for a payout worth up to $2 million.

That's not to say that Apple condones customers jailbreaking its devices. The tech giant has long held that "unauthorized modifications" to iOS can cause numerous performance issues, including crashes, freezes, and shortened battery life.

"Apple strongly cautions against installing any software that modifies iOS," the iPhone User Guide said. "It is also important to note that unauthorized modification of iOS is a violation of the iOS and iPadOS Software License Agreement, and because of this, Apple may deny service for an iPhone that has any unauthorized software installed."

Read the original article on Business Insider