Following the launch of the Apple Bug Bounty program for iOS back in September 2016, the company wants to further cement its research program by providing unlocked iPhones to security researchers.
The program will be strictly invite-only and will be open to security researchers with a proven track record of reporting bugs on any platform. The exclusive handsets will come with SSH, a root shell, and advanced debug capabilities.
These devices will be available starting next year, and the company hopes they will help researchers discover bugs more easily before those bugs land in the wrong hands.
Apple has also extended its “bug bounty” research program to cover its other operating systems, including macOS, tvOS, watchOS, and iPadOS, as well as iCloud.
In addition, iOS bug rewards have been bumped up to $1 million for vulnerabilities that could let attackers control a device without any user interaction, known as a “zero-click, full chain kernel code execution attack.”
Although $1 million may sound mouth-watering, this type of bug can sell for more than that. In a response to ZDNet, Crowdfense, an exploit vendor, stated that interaction-less iOS bugs could “easily be valued between $2 million and $4 million.”