Apple is expanding its Security Research Device (SRD) Program to put hackable iPhones in the hands of educators at the university level to use as a teaching tool.
The program, first launched in July 2020 and offered to very select bug hunters, will now be available to handpicked educators looking to introduce computer science students to mobile security research.
Under the carefully vetted program, Apple provides specially-built hardware variants of iPhone 14 Pro devices designed exclusively for security researchers, with tooling and options to configure or disable many advanced security protections of the iOS platform that cannot be disabled on normal iPhones.
“Educators can request to authorize multiple users for use in their classroom or lab,” Apple said in a note announcing the annual renewal of the program.
Cupertino’s security engineering teams are pushing hackers and educators to use the modded devices to install and boot custom kernel caches and to run arbitrary code with any entitlements, including as platform and as root outside the sandbox.
The devices also provide features to set NVRAM variables and to install and boot custom firmware for Secure Page Table Monitor (SPTM) and Trusted Execution Monitor (TXM), new in iOS 17.
Apple said that in the program’s four years of existence, researchers reported 130 high-impact, security-critical vulnerabilities in its flagship mobile platform.
“In just the past six months, they’ve received 37 CVE credits for their findings, and their work has directly contributed to security improvements in areas such as the XNU kernel, kernel extensions, and XPC services around the system,” Apple said.
“Even when reported vulnerabilities are patched, the SRD makes it possible to continue security research on an updated device,” the company said, noting that all researchers get access to Apple security engineers to discuss vulnerability reports.
Apple makes a point to emphasize that it selects “a limited number of security researchers” to receive one of the modded iPhones. The company said the application process is primarily based on a track record in security research, including on platforms other than iPhone.