Cyber security news for all

More

    The Biggest Security Nightmare For iPhone

    It sounds like a nightmare for hundreds of millions iPhone users. All iPhone devices that came on the market between 2011 and 2018 have a critical security problem. The vulnerability opens a gateway for hackers, intelligence agencies and criminals.

    In such cases, Apple usually publishes an update in a timely manner that closes the gap. Different iPhone models will remain vulnerable forever. Many IT security researchers reacted to this case.

    iPhone security

    Which Devices Are Affected?

    The exploit can be carried out on seven chip generations from A5 to A11. These processors can be found in iPhones, iPads, iPods and Apple’s TV boxes. A total of eleven iPhone models are vulnerable, starting with the iPhone 4S. The iPhone X is still at risk, even Apple’s new iOS 13 operating system does not close the gap. Only devices with an A12 or A13 chip are safe- and all models of the 11 series. At least a majority of the affected iPhones have a security function that limits the damage. Sensitive information such as passwords and biometric data are stored in encrypted form on this secure part of the processor.

    No Protection Option Through Update

    The vulnerability is so problematic because it cannot be closed by an update as usual. It is not in the software, but in the chipset: This is a hardware component that controls the processor. To fix the error, Apple would have to call back the affected devices and replace the faulty component. Whether this will happen is completely open at the moment.

    Attack Only Via USB

    There is no immediate threat to normal, less exposed users. Firstly, access via the Internet is not possible; this requires direct access to the device via USB. Second, unlocking is not permanent; the third-party software is lost when you restart. And thirdly, the data on the device is protected by Apple’s security measures. Mails, messages and pictures are encrypted and cannot be read even on a broken device. Decryption requires the passcode that is used to unlock the phone or iPad. Without this, data theft occurs indirectly.

    Recent Articles

    Police warn of a scam with fake websites on the Airbnb

    The apartment is centrally located and costs less: what looks like a great offer could be an attempt at fraud. The police in Europe...

    Significant increase in attacks with macOS specific macro malware

    Security researcher Patrick Wardle has observed a significant increase in attacks with macOS specific macro malware. As he explained in his lecture on Wednesday...

    China controls news with offline and online media

    The relationship between western countries and China is ambivalent. Only as a cheap production location and increasingly also as a basis for sales and...

    Russia’s GRU hackers hit the U.S. government and energy targets

    Some hackers have notoriety when it comes to the execution of their breach. GRU is one of these "elite" hacking gang. GRU is a Russian...

    U.S Offers $1 Million Bounty Reward for SEC Hackers

    (Left) Artem Radchenko (Right) Oleksandr Ieremenko   Two Ukrainians nationals, Viacheslavovich Radchenko and Oleksandr Vitalyevich Ieremenko are on the run from the law. The announcement did not...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox