https://www.zdnet.com/article/googles-project-zero-team-wont-be-applying-for-apples-srd-program/
By Catalin Cimpanu
Zero Day
ZDNet.com
July 22, 2020
Some of the biggest names in the iPhone vulnerability research field have
announced plans today to skip Apple's new Security Research Device (SRD)
program due to Apple's restrictive rules surrounding the vulnerability
disclosure process that effectively muzzles security researchers.
The list includes Project Zero (Google's elite bug-hunting team), Will
Strafach (CEO of mobile security company Guardian), ZecOps (mobile
security firm who recently discovered a series of iOS attacks), and Axi0mX
(iOS vulnerability researcher and the author of the Checkm8 iOS exploit).
WHAT IS THE APPLE SRD PROGRAM
The Security Research Device (SRD) program is unique among smartphone
makers. Through the SRD program, Apple has promised to provide pre-sale
iPhones to security researchers.
These iPhones are modified to have fewer restrictions and allow deeper
access to the iOS operating system and the device's hardware, so security
researchers can probe for bugs that they normally wouldn't be able to
discover on standard iPhones where the phone's default security features
prevent security tools from seeing deeper into the phone.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/
