Apple's iPhone Security Research Device Program sign-ups open

The iPhone Security Research Device Program allows researchers to work with Apple directly in discovering vulnerabilities while still receiving bounty payments. Sign-ups are open through October 31.

Apple launched the iPhone Security Research Device Program in 2019. The program reportedly works well, having discovered 130 high-profile security-critical vulnerabilities since its launch.

The program website says researchers interested in applying for the 2024 iPhone Security Research Device Program have until October 31. It has paid upwards of $500,000 in awards for discovered vulnerabilities on Security Research Devices — which are essentially jailbroken iPhones.

The Security Research Device is meant to be used in a controlled environment for security research only. Provided devices are still Apple's property and loaned on a 12-month renewable basis.

Apple's description of a Security Research Device:

The Security Research Device (SRD) is a specially fused iPhone that allows you to perform iOS security research without having to bypass its security features. Shell access is available, and you can run any tools, choose your own entitlements, and even customize the kernel. Using the SRD allows you to confidently report all your findings to Apple without the risk of losing access to the inner layers of iOS security.

Researchers can use a Security Research Device to:

Install and boot custom kernel caches.
Run arbitrary code with any entitlements, including as platform and as root outside the sandbox.
Set NVRAM variables.
Install and boot custom firmware for Secure Page Table Monitor (SPTM) and Trusted Execution Monitor (TXM), new in iOS 17.

Select researchers and educators at the university level can apply for Security Research Devices. All submissions will be reviewed by the end of 2023, and selectees will be notified in early 2024.

Apply at Apple's security website.