Cyber security news for all

More

    The Biggest Security Nightmare For iPhone

    It sounds like a nightmare for hundreds of millions iPhone users. All iPhone devices that came on the market between 2011 and 2018 have a critical security problem. The vulnerability opens a gateway for hackers, intelligence agencies and criminals.

    In such cases, Apple usually publishes an update in a timely manner that closes the gap. Different iPhone models will remain vulnerable forever. Many IT security researchers reacted to this case.

    iPhone security

    Which Devices Are Affected?

    The exploit can be carried out on seven chip generations from A5 to A11. These processors can be found in iPhones, iPads, iPods and Apple’s TV boxes. A total of eleven iPhone models are vulnerable, starting with the iPhone 4S. The iPhone X is still at risk, even Apple’s new iOS 13 operating system does not close the gap. Only devices with an A12 or A13 chip are safe- and all models of the 11 series. At least a majority of the affected iPhones have a security function that limits the damage. Sensitive information such as passwords and biometric data are stored in encrypted form on this secure part of the processor.

    No Protection Option Through Update

    The vulnerability is so problematic because it cannot be closed by an update as usual. It is not in the software, but in the chipset: This is a hardware component that controls the processor. To fix the error, Apple would have to call back the affected devices and replace the faulty component. Whether this will happen is completely open at the moment.

    Attack Only Via USB

    There is no immediate threat to normal, less exposed users. Firstly, access via the Internet is not possible; this requires direct access to the device via USB. Second, unlocking is not permanent; the third-party software is lost when you restart. And thirdly, the data on the device is protected by Apple’s security measures. Mails, messages and pictures are encrypted and cannot be read even on a broken device. Decryption requires the passcode that is used to unlock the phone or iPad. Without this, data theft occurs indirectly.

    Recent Articles

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    The US accuses Russian officers of being in charge for cyber attacks

    The US government has brought charges against Russians who are alleged to have been involved in various cyber attacks as officers of the military...

    Twitter changed its rules for dealing with hacked data

    On Friday night, access to Twitter was disconnected for about two hours. The Chief Engineer announced that the reason was a rebuild in the...

    Norway sees Russia as the perpetrator of the cyber attack

    "It is important that our government refuses to send the Russians a clear sign that we do not know," said the Norway government. According...

    Phishing mail with an incorrect form for Corona bridging aid

    The representation of the European Commission warned of a phishing attempt targeting small and medium sized enterprises. Under the pretext for corona bridging aid,...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox