There are those who change the iPhone every 1-2 years, and renew it by giving the ‘old’ in exchange. There are those who keep all the models from the first iPhone in 2007. And it is precisely this last profile, that of the Apple mobile fan, who surely would like to have the model that we can call the iPhone SRD, an iPhone so exclusive, so difficult to get, which is reserved for a few.
What is iPhone SRD? And why didn’t we know him? Because this special edition of the Apple mobile is not made for sale to the public, but for security research, which for many collectors already makes it an object of desire, similar to the development kits of the consoles of video game, for example.
Welcome to ASRDP, Apple’s Security Research Device Program, a program designed to “help improve the security of all iOS users, bring more researchers to iPhone, and improve the efficiency of those already working on the security of iOS ”. And a program whose essential piece of work is an iPhone “dedicated exclusively to security research, with unique code enforcement and containment policies.”
The Security Investigation Device (SRD) is intended to be “used in a controlled environment for security investigation only”. Access to Shell is available, and whoever uses it will be able to run any tool and choose their rights. Otherwise, the SRD behaves as closely as possible to a standard iPhone to “be a representative research target.”
- SRDs are delivered under a renewable 12-month commitment and remain the property of Apple.
- Not for personal use or daily wear. They must remain on the premises of the program participants at all times.
- Access and use of SRDs should be limited to those authorized by Apple.
- How the iPhone SRD program works
- If you use the SRD to “find, test, validate, verify or confirm a vulnerability, you must immediately inform Apple” and, if the error is in the code of a third party, to the corresponding third party. If you have not used SRD for any aspect of your work with a vulnerability, Apple strongly recommends (and rewards you, via Apple Security Bounty) to report the vulnerability, but “you are not required to do so.”
If you report a vulnerability that affects Apple products, it will provide you with a release date (usually the date Apple posts the update to resolve the issue). Apple will work in good faith to “resolve each vulnerability as soon as possible.”
As of the date of publication, you cannot discuss the vulnerability with others. Vulnerabilities found with an SRD are automatically considered as rewards through the Apple Security Bounty.
Requirements you must meet to be chosen
Participation in the Security Investigative Devices Program is subject to application review. Device availability is limited. The devices will not be available to all qualified applicants in the initial application period. Qualified applicants who do not receive a device during this period will automatically be considered during the next application period in 2021.
To be eligible for the Security Investigative Devices Program,