Apple Made Sudden Security Changes to its Chips in Fall 2020

[pandrew]

Just to point out this is old news!
I made the same point on Twitter (when the 2021 Apple Security white Paper came out) in February.

https://twitter.com/i/web/status/1363195775405056000

Good catch! I searched for headlines and saw that it hasn’t been reported publicly enough, so tipped Macrumors. I hope it catches the eye of more experts and puts more light on this obscure hardware.

 

[0924487]

Apple won’t give you a voucher because they don’t want to create a secondary charger market with vouchers that give the product away.

They can bind it to Apple ID or iPhone’s IMEI and make it non-transferable.

 

[GSWForever8]

It’s more like $5 per charger, which isn’t insignificant.

More like $19. At least that’s what it said on the Apple Store

 

[I7guy]

They can bind it to Apple ID or iPhone’s IMEI and make it non-transferable.

Still doesn’t stop one from getting it for free and selling it on eBay for half-price.(or some such scenarios)

 

[0924487]

Still doesn’t stop one from getting it for free and selling it on eBay for half-price.(or some such scenarios)

Sure, if they make a loss with eBay fees and shipping factored in.

 

[gnasher729]

I wonder if this was in response to a major hardware security breach? Does that mean that devices released before the patch are now vulnerable?

It's not a patch. It is changed hardware.

You are NOT vulnerable at all if you use an 8 digit passcode. Every attempt to check a passcode takes 80 milliseconds, and that time cannot be shortened. An 8 digit passcode has 100 million combinations, trying them all at 80 milliseconds per attempt takes 8 million seconds = over three months, and before that someone must steal your device, buy very expensive hardware for an attack, break every other protection on your device. It's not something your random hacker on the street can do. It's what the NSA, or GCHQ, or whatever the successor of the KGB is, or the Chinese can do.

And compare this to what happened elsewhere: TWO companies selling "secure communications" software mostly to criminals have been completely, totally, absolutely hacked by Interpol. In the first case, European police has _every single message_ sent with this "secure communications" app sent by about 50,000 criminals. Without having any of those devices in their hands.

 

[gnasher729]

I'm glad Apple continues to focus on security. I wonder if this change was made due to an actively used hack that hasn't been made public?

Not a "hack". An attack that only someone like NSA or GCHQ can perform.

 

[Td1970]

That‘s going to retail employees and stock holders. Apple‘s gross profit is around 38%, so 8/19=42% is about the same.

I agree but it is a 4% profit gain for apple.

 

[toke lahti]

The Apple Watch Series 4 was the only device to contain an S4 chip, and this device was discontinued in September 2019, long before the second-generation Secure Storage Component was implemented in the fall of 2020.

Discontinuing in some countries does not mean all countries.
so there might have been production after that, even now.

At least old iP models are sold through cell carriers throuhout the world. Could this be the case with watches also?

 

[Tsepz]

That’s pretty cool, I am guessing the new secure enclave chip became available as they were wrapping up the A14 build and decided to update all the chips that are in their current devices and upcoming devices, makes sense.

 

[I7guy]

Sure, if they make a loss with eBay fees and shipping factored in.

That reason (even with the alleged loss) is the reason Apple won't give a free voucher. Now maybe if someone one's the charger bad enough, they can get a voucher to buy one at retail. That would eliminate the secondary market issue.

 

[PBG4 Dude]

Not a "hack". An attack that only someone like NSA or GCHQ can perform.

The “Gray Key” device is available to any police force who wishes to purchase it. It was no longer limited to the realm of the alphabet soup agencies.

 

[0924487]

That reason (even with the alleged loss) is the reason Apple won't give a free voucher. Now maybe if someone one's the charger bad enough, they can get a voucher to buy one at retail. That would eliminate the secondary market issue.

How do you determine if someone's charger is "bad enough"? I can by a 1 dollar charger in Dollarama and say it is a fire risk, now get me a free charger!

 

[0924487]

I agree but it is a 4% profit gain for apple.

You know variance and standard deviation?

 

[I7guy]

How do you determine if someone's charger is "bad enough"? I can by a 1 dollar charger in Dollarama and say it is a fire risk, now get me a free charger!

Typo, typo. I think what I was trying to say if a person wants a charger apple should charge retail for the voucher and then the person could redeem the coupon for the charger. That would eliminate the secondary market.

 

[Td1970]

You know variance and standard deviation?

Not really but I was being pedantic. I’m sure Apple isn’t losing a dime and making a very healthy profit not including it

 

[Steve Adams]

Why doesn't Apple reduce the production of iPhone to reduce greenhouse gasses?

Leaving out the charger just makes people who need one buy one at additional cost.

And extra shipping, packaging that would be much larger than if they just included it in the iphone box. It's all about money and nothing about the environment. It means most people who buy a new iphone will buy another charger for 20 bucks. Apple blowing smoke up fans behinds and they falling for it does not change this fact.