Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Planning System for Retail Stores to Update iPhone Software With No Need to Open Box

ipaqrat said:
Agreed, except this tech is not new. It's long out of the lab, and in common use with SCADA, security and human wetware implants. It's particularly handy for cold backup SCADA, where the gear is normally off-line and unpowered. I'm aware of scenarios planned to perform this by helicopter, submarine or zodiac, where it's prohibitive to either run cables or travel casually.
Click to expand...

I wouldn't use SCADA as any model for what security should look like. Iranian centerfuges were their big wake up call that they need to pay attention to threats. Hopefully they've come a long way in the last decade and a half but they were absolutely asleep at the switch prior. Wetware should absolutely be paying attention to security but I don't think they're mainstream enough to be a target of any serious actors yet so although some in that area are certainly trying to make things secure they haven't been tested in a serious way by a deep pocketed adversary. That's assuming we're talking about niche biohacker communities. If you're talking about medical implants by major manufacturers they've also been shown to have a lack of focus on security in the near past with breaches of systems used by doctors to remotely adjust pacemakers being one example right off the top of my head. All that said, when there is zero direct access or direct access would be very difficult or invasive (devices on the sea floor, in space, inside of human bodies) then there may be a need to compromise security in favor of convenience (or even outright feasibility). That's not the case with a phone. We're talking about opening an attack vector so people don't have to spend an extra 15 minutes at the Apple store downloading an update after they open the box or just running the update once they get home.
 
Why would Apple need root access? You all seem to be thinking Apple has to push the update. Why? Apple can just wirelessly wake the phone up, have the builtin update routine kick off (anyone receiving a new phone 15 would remember how it asks to be updated to 17.0.2), check to see if the charging pad/firmware updating pad is there, and if it is, request for the update via airdrop. Once updated, the phone will just power off.

It would be the same bloody update mechanism in place today, just over airdrop (or BLE, or whatever).

Sheesh, people. Put away your tinfoil hat.
 
thisisnotmyname said:
Attacks almost always involve chaining together multiple exploits to achieve their ends. Today there is absolutely zero way for an attacker to start an attack on my powered off device without physically interacting with it. This provides a supported mechanism to take a powered off phone and without touching it at all have it perform an update to a new operating system. That's huge. I'm not saying that by itself gets the job done for the attacker but combine that with fooling the device into accepting a falsified OS and now you own that device without ever touching it. Owning an iPhone is possible today, owning one that's powered down without any physical contact is new and carries pretty significant risks. If I were a nationstate or a company that caters to nation state actors (e.g. NSO Group) I'd be incredibly interested in this technology.
Click to expand...
You seem to imply that Apple can push an update to a phone. I have not seen anything that says that. If anything, I would assume iPhones will be configured to poll for an update when it is in factory fresh condition, when it is woken up. And then pick up the update via Airdrop.

You *do* realize any updates will have to be signed by Apple, right? You can't just drop random firmware on an iPhone... you *do* realize that, don't you? Apple spent years fighting off people rooting iPhones, and you are not so simple to imagine that they would allow this to bypass the need for any updates to be signed, right?
 
b0fh said:
You seem to imply that Apple can push an update to a phone. I have not seen anything that says that. If anything, I would assume iPhones will be configured to poll for an update when it is in factory fresh condition, when it is woken up. And then pick up the update via Airdrop.
Click to expand...

The article seemed to imply this would be something initiated by retail workers at Apple stores, not an automatic polling process.

b0fh said:
You *do* realize any updates will have to be signed by Apple, right? You can't just drop random firmware on an iPhone... you *do* realize that, don't you? Apple spent years fighting off people rooting iPhones, and you are not so simple to imagine that they would allow this to bypass the need for any updates to be signed, right?
Click to expand...

You *do* realize there is already a jailbreak out for iOS 17, right? But since all updates must be signed by Apple there's no way there could be an exploit that allows an attacker to circumvent those protections. This is why there are no companies like NSO Group selling their hacking software to state actors, the security is perfect so we have no need to concern ourselves with any new vectors being created. *eyeroll*
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back