Apple is locking iPhone battery health info to deter third-party fix

Joanna Estrada
August 13, 2019

The company distributed hacker-friendly iPhones to their favorite researchers so that they can go and try to hack the devices at the lightest approach possible.

"This is an unprecedented fully Apple supported iOS security research platform", Krstić said at the conference.

Three years after it launched its bug bounty program on the Black Hat 2016 stage, Apple returned today to the same security conference to announce it is expanding the program.

At the same conference, software giant Microsoft also announced its Azure Security Lab, meant to give experts a sandbox-like safe environment to test its Cloud security services better.

Unlike other technology providers, Apple previously offered rewards only to invited researchers who tried to find flaws in its phones and cloud backups. It will also expand to include all of Apple's platforms - iOS, iCloud, tvOS, iPadOS, watchOS and macOS.

The new macOS bug bounty program is open to all researchers and offers a bounty of up to $1,000,000 depending on the nature of the law.

We've seen batteries improve by leaps and bounds in recent years, but even the best batteries wear out over time, and frugal owners know that replacing a battery in an otherwise-good phone is a smart move.

The full $1 million can head to researchers who will find a hack of the kernel-the core of iOS-with zero clicks needed by the iPhone owner. There will also be a 50 per cent bonus if the vulnerability is discovered in a beta version of any software. In the Art of Repair's video on the issue, after swapping a genuine Apple battery for a third party battery in an iPhone XS, the phone displayed a "service" message followed by an "Important Battery Message" stating that the phone is "unable to verify this iPhone has a genuine Apple battery". Apple security chief Ivan Krstic says that these special iPhones come with "advanced debug capabilities".

Apple's new program might have received more applause if it wasn't for the limited number of special iPhones it is handing out.

Apple is known for keeping strict control on all aspects of the iPhone, including software, hardware and repairs as well.

But if researchers can't achieve this holy grail of exploitation scenarios, there are other types of vulnerabilities and scenarios that can bring up to $500,000 per bug report [see tweet embedded below].

Apple raised the bounty from $200,000, and soon all researchers will get the chance to have a crack at the devices.

Other reports by Click Lancashire

Discuss This Article

FOLLOW OUR NEWSPAPER