To review this article, My Profile and then view the stored stories.
To review this article, My Profile and then view the stored stories.
Dan Goodin, Ars Technica
To review this article, My Profile and then view the stored stories.
To review this article, My Profile and then view the stored stories.
When you turn off an iPhone, it may not turn off completely. The device’s internal chips continue to operate in low-power mode, making it possible to locate lost or stolen devices using the Find Out feature or use car credits and car keys. after the battery runs out. Researchers have now figured out a way to abuse this permanent mechanism to run malware that remains active even when the iPhone appears to be turned off.
This story appeared on Ars Technica, a trusted source of generation news, generation policy analysis, criticism, etc. Ars is owned by WIRED’s parent company, Condé Nast.
It turns out that the iPhone’s Bluetooth chip, which is a must-have for creating features like Find My Job, doesn’t have any mechanism for digitally signaling or even encrypting the firmware it runs. Academics at the German Technical University in Darmstadt discovered how to take advantage of this lack of protection to run malicious firmware that allows the attacker to track the phone’s location or execute new functions when the device is turned off.
This video provides a review of some of the tactics that an attack can work.
This content can also be viewed in which it originates.
The study is the first, or at least one of the first, to examine the threat posed by chips running in low-power mode. It’s not about the low-power battery-saving mode of iOS, the low-power mode (LPM) of this search. it allows chips responsible for near-field, ultra-broadband, and Bluetooth communication to operate in a special mode that can stay on for 24 hours after a device shuts down.
“The existing implementation of LPM on Apple’s iPhones is opaque and adds new threats,” the researchers wrote in a paper published last week. “Since LPM is based on iPhone hardware, it can’t be removed with formula updates. Thus, it has a lasting effect on the overall iOS security style. As far as we know, we are the first to review the undocumented LPM features that were incorporated in iOS 15 and discover various issues.
They added: “LPM’s feature design appears to be primarily feature-based, with no regard for external threats to the intended applications. Find My after force off turns off iPhones to track devices through design and implementation in firmware. ” Bluetooth is not handling.
The effects have limited real value, as infections required releasing an iPhone first, which in itself is a complicated task, especially in a contradictory context. Still, targeting iOS’s always-on capability can prove useful in post-exploit scenarios via malware. like Pegasus, the Israel-based NSO Group’s complicated smartphone exploitation tool, which governments around the world use to spy on their adversaries.
It would also be possible to infect chips in case hackers notice security flaws that can also be exploited live like this one that worked instead of Android devices.
In addition to allowing malware to run when the iPhone is turned off, exploits targeting LPM can also allow malware to work much more discreetly, as LPM allows the firmware to save battery power. And of course, firmware infections are incredibly hard to stumble upon. because they require significant experience and expensive equipment.
The researchers said Apple engineers reviewed their article before it was published, but corporate representatives never provided comment on its content. Apple representatives did not respond to an email seeking comment on the story.
Ultimately, Find My and other LPM-enabled features help provide greater security by allowing users to locate lost or stolen devices and lock or unlock car doors even when batteries run out. But studies show a double-edged sword that, until now, has gone largely unnoticed.
“Hardware and software attacks similar to those described have proven practical in a real-world environment, so the topics covered in this paper are timely and practical,” said John Loucaides, senior vice president of strategy at enterprise software security firm Eclypsium. . ” It is typical for both and both devices. Manufacturers are constantly adding features, and new features come with a new attack surface. »
This story gave the impression of Ars Technica.
? The latest in technology, science and more: get our lyrics!
Bill Gates is so above this pandemic
These nanobots can kill and heal wounds
Terra’s cryptocave in inevitable
It’s no longer about switching to an induction cooker
Thousands of people see what you type before tapping Send
?️ Explore AI as before with our new database
?? ♀️ Do you want the team to be healthy again? Check out our Gear team’s picks for fitness trackers, running gear (including shoes and socks), and headphones.
More wiring
Contact
© 2022 Condé Nast. All rights reserved. Your use of this site constitutes acceptance of our User Agreement and Privacy Policy and Cookie Statement and your California privacy rights. Wired may earn a portion of sales from products purchased on our site as part of our component partnerships associated with retailers. Curtains on this site may not be reproduced, distributed, transmitted, cached, or otherwise used unless you have the prior written permission of Condé Nast. Choice of ads