Apple's official jailbreak iPhone is circulating on social media. Security research equipment is shipped to professionals who are trying to find and report security bugs. Third-party researchers who discover new iOS vulnerabilities are eligible for financial rewards. iPhone jailbreaking — essentially cracking iOS to remove security features — is once again a hot topic on social media.
But this time, Apple is the jailbreaker.
Before these devices appeared, there was a loose group of hackers and security researchers bent on removing the restrictions imposed on iPhones by Apple, who were known as "jailbreakers." The term derives from the concept of breaking Apple's security limits on iPhones, known as "prisons."
Jailbreakers sometimes aim just to have fun bypassing restrictions, such as sideloading apps that aren't included in the official App Store, and simply changing the iPhone's background before enabling the feature.
Although these goals may seem harmless, Apple has been battling jailbreakers for years to prevent people from disabling the iPhone's security features. At least one Apple support page says that jailbreaking is an "unauthorized modification" of iOS.
According to a ** posted by security researcher Kalman on X (formerly Twitter), at the moment, Apple seems to have embraced the term "jailbreak" and used it in the official description of security research devices.
We make it easy for your existing tools to run on secure research equipment. With the Cryptex subsystem, you can sideload your tool and it will run with platform permissions and whatever rights you want," the note reads. "This keeps the rest of the security policies enabled, providing the flexibility to jailbreak the device while keeping the system you're investigating intact in a customer-like state. ”
Kalman attached a box containing his iPhone's security research device, a page of instructions from the researchers, and what he said were three stickers in the box.
In a post published on Tuesday, Kalman wrote: "Sorry for not unboxing**, but here's an Apple security research device and the giveaway that came with it. ”
It's unclear how much of these safety research devices actually exist in the wild, and very few of them are widely circulated online.
When asked by TechCrunch how many such devices Apple has shipped and whether the program has led to an increase in the number of vulnerabilities reported to the company, Apple spokesman Scott Radcliffe did not respond to a request for comment.
Kalman told TechCrunch that his security research device is "identical" to the iPhone 14 Pro. The only difference, he added, is that at the bottom of the lock screen is written "Security Research Device" and an Apple ** number, presumably to report if it is lost.
In addition to that, Kalman said that the box has a special label that says "Do Not Remove" and "Apple Property," as well as a serial number, which Apple notes on its **. Kalman said there was also a mark on the side of the phone that read, "Apple's property." Confidential and Proprietary. Call +1 877 595 1125. ”
The launch of the Secure Research Device Program was at least in part a response to the proliferation of iPhone prototypes – technically known as "development fusion" devices – that hackers and collectors bought and sold in the underground market.
These "development fusion" devices are essentially iPhones that have not gone through a full production process, or have previously been used internally at Apple to test features and were never intended to end up in the hands of consumers. As a result, there are fewer typical security features and restrictions typical on regular iPhones for these devices. That's why they're particularly appealing to security researchers: these devices make it easier for hackers to spot bugs in the iPhone's most protected**.
That's why these devices can cost thousands of dollars, and why Apple has been cracking down on this gray market and offering alternative security research devices.