Skip to main content
  1. Home
  2. Mobile
  3. News

Google lead says he’s ‘disappointed’ with Apple’s new iPhone security program

By

Apple’s new hacker-friendly iPhones offer security researchers unrestricted access to devices so that they can easily hunt down vulnerabilities and bugs. But Ben Hawkes, technical lead at Project Zero, a team at Google tasked with discovering security flaws, says he’s “pretty disappointed” with Apple’s latest security program.

Hawkes, in a Twitter thread, said that its team won’t be able to take advantage of Apple’s “Security Research Device” (SRD) iPhones since it appears to exclude security groups that have a policy to publish their findings in three months.

Recommended Videos

Every time a security researcher discovers a vulnerability, they offer the company a period of time to patch it before it is publicly reported. Project Zero, like many security researchers, has a 90-day policy. However, Apple has kept the control of the timeline to itself and developers who sign up for this new iPhone security program have to agree that they can’t disclose the issues they find until Apple allows them to.

“If you report a vulnerability affecting Apple products, Apple will provide you with a publication date (usually the date on which Apple releases the update to resolve the issue). Apple will work in good faith to resolve each vulnerability as soon as practical. Until the publication date, you cannot discuss the vulnerability with others,” notes the SRD program’s sign-up page.

Project Zero is one of the most widely regarded research groups, and since early 2015, it has reported over 350 security vulnerabilities to Apple.

“We’ll continue to research Apple platforms and provide Apple with all of our findings because we think that’s the right thing to do for user security. But I’ll confess, I’m pretty disappointed,” Hawkes added in a tweet.

Apple’s Security Research Device program has been long overdue and was first mentioned last year at the Black Hat security conference by the company’s head of security, Ivan Krstic. Over the past year or two, iPhone’s security has been found lax and compromised on multiple occasions. The new program ensures eligible developers don’t have to go out of their way to hack into iPhones for research purposes and allows them to access the device’s core components to unearth any potential vulnerabilities.

Security researchers can now sign up to request an SRD on a 12-month renewable basis.

Editors' Recommendations

Topics
Shubham Agarwal
Shubham Agarwal
Journalist
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Apple’s AI plans for the iPhone just leaked. Here’s everything we know
The back of a Natural Titanium iPhone 15 Pro Max.

Apple is the only major name in the world of Big Tech that hasn’t made its ambitious AI plans public yet. But that will change in a few weeks, with a focus on reimagining the iPhone experience. Bloomberg, citing internal sources, has detailed how Apple plans to integrate generative AI experiences with iOS 18, the next major build of its iPhone operating system.

The company plans to push new AI-powered capabilities not just in such in-house apps as Safari and Maps, but also in experiences like the notification system and a supercharged Spotlight search. Notably, Apple will push the bulk of AI processing to the iPhone’s silicon, and only a minor portion of it will be pushed to the cloud.

Read more
Something important just happened to the iPhone 16 series
iPhone 16 Pro and iPhone 16 Pro Max larger displays.

iPhone 16 Pro and iPhone 16 Pro Max renders MacRumors

With  the calendar about to turn to June, attention on the upcoming iPhone 16 series will soon shift into an even higher gear. Along those lines, word is that production on a critical component for at least three of these phones is about to begin.

Read more
Can a $500 Pixel phone beat a $1,000 iPhone in a camera test? I found out
iPhone 15 Pro (left) and Google Pixel 8a camera modules.

Right before Google I/O 2024, Google showed off the latest Pixel device, the Google Pixel 8a. This is the latest offering from the Pixel A-series, which is a more budget-friendly Pixel for those who don’t need all the bells and whistles of the flagship Pixel 8 or 8 Pro.

The Pixel 8a features a new design with more rounded corners and a matte-finish back. It packs Google’s latest silicon, the Tensor G3, but the camera hardware remains unchanged from its predecessor, the Pixel 7a.

Read more