Does anyone actually use ROM anymore? Most ROMs these days are still flashable firmware but called ROM because of tradition. BootROM could just be a flashable boot loader. I don’t know in Apple’s case, but that is true for other types of computers.
No patch to iOS could prevent a bootROM exploit from working. This is a flaw in the boot code built into the CPU via lithography. So a boot loader can be loaded, which then doesn't bother with security keys. Thus any modification to iOS can be made and booted. Good times.
This bug is not likely to be squished.
Yes, did they find it and fix it, or fix it ‘accidentally’. No way of knowing I suppose.
So if I lose my iPhone I will be sure to erase it remotely quickly.
I am still waiting for a fix for the XKCD ‘hit him with this wrench until he tells you his password’ bug.
A stingray spoofs a cell network, it doesn’t decrypt a phone.
I find this quite wrong and childish.
You seem to forget or not know that once any phone connects to a couple of hundred $ stingray, it communicates with it fully decrypted, therefore a simple $300 stingray used by police can gain access to all data in the phone, even passwords, lockscreen pass code etc.
... iOS is not as secure as you might think. Nothing is in fact. Just marketing.
That's not how it works. Every encrypted server connection has its own key pair. It doesn't use one master key from a cell provider.
Your phone gives the encryption key to it via handshake for free. Why? Because the stingray is connected with the same encryption key to the tower and it tells your phone he is the tower.
Or maybe Apple should review their code a bit more often since apparently it's an 8 year old exploit (dates back to the 4S). I doubt it's good marketing that you need to upgrade to a new $1000 phone every year because the previous one has security leaks.
I find this quite wrong and childish.
You seem to forget or not know that once any phone connects to a couple of hundred $ stingray, it communicates with it fully decrypted, therefore a simple $300 stingray used by police can gain access to all data in the phone, even passwords, lockscreen pass code etc.
... iOS is not as secure as you might think. Nothing is in fact. Just marketing.
But we can just easily brute force any 4 or 6 number passcode as we don't have any attempt restrictions.
They will still need your passcode to decrypt the key for the data partition on the phone. They won't have access to anything without your passcode. Apple has thought this stuff through.
Probably, but they might have improved the boot ROM for other reasons and closed that security hole without having been aware of this precise exploitation path.
It has already been patched in the newer chips, I agree people like this are the ones you want to hire but they already knew of the flaw or it wouldn't be patched in current chips.
Sure it could take years, but it could be done.
But we can just easily brute force any 4 or 6 number passcode as we don't have any attempt restrictions.
nice, I could get my 1st gen iPad mini back on iOS 6
The sim is part of a key to the carrier network used by your cell radio. The handshake is between the radio chip and network. It’s not a key to the phone. There are no carrier apps on iPhones, only the software from Apple, and the carrier profiles (just settings, no executable code). Only Apple could choose to allow carriers to invoke a screen sharing server running on the phone by actively exposing that port and sharing the details with the carriers. However, that’s the opposite of every statement coming from Apple or state agencies that want that. On jailbroken phones, we would have seen that process and open port. The cell radio itself isn’t wired into devices to pull video from the graphics driver, sensors, etc., just data sent to it or requests to open sockets.
I'm suggesting every single sim out there has an encryption handshake with the device and based on that handshake it has access to everything. Sensors, microphone, storage, apps, root etc. Imagine WhatsApp, which is encrypted. Let's say you're on T-Mobile. From the T-Mobile back office they cannot decrypt your conversation, but they can read it from your device. Like they see through your eyes. So they're using your device. But remember they have root access. Sim toolkit, carrier apps ring a bell? They can remote connect to your device and access anything. Of course this is a feature required by government and only it has access, not even T-Mobile. But when a stingray gets between... It literally has the handshake.
When you rush things, this is what happens. iOS isn't released when it is done, it is released when the iPhone is released.
God what is going on with iOS 13.1 it's so glitchy!!!!!
What does this have to do with the topic? Boot ROM code is likely finalized way in advance. And there is never a bug-free release of any software, with not everyone agreeing iOS 13 is glitchy.
When you rush things, this is what happens. iOS isn't released when it is done, it is released when the iPhone is released.
If it's not in the whitepaper, I can't do anything more than speculate.
Krevnik, you seem really knowledgeable about this stuff. If they fixed the flaw in the A12 & A13 bionic chips, does that mean that new A11 bionic phones coming off the lines now are likely already patched?
Because I ordered a new iPhone 8 on Friday and I'd prefer to not have it have the flaw in it. Not sure if I should just upgrade to an iPhone 11 rather than risk it.