Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Researchers and Hackers Use Rare Dev-Fused Prototype iPhones to Unlock Security Secrets

Interesting to see how the expose of corporate espionage filters down to getting proprietary IP out in the wild.
[doublepost=1551904397][/doublepost]
AppleMad98004 said:
Why? It not in the interest of users to have vulnerable phones. This is a good fight. We need this to find vulnerabilities and privacy violations that Apple missed. Whether on purpose or by accident.
Click to expand...
So you are all for the acquisition of these phones even if having them is illegal and getting them is against the law?
 
Wow. Who would have thought there was a market for partially completed phones stolen from the factory. Wonder if there is a similar thing going on with Android phones, or if they are so easy to break that there's no need for such a thing.
 
AngerDanger said:
devfusediphone-800x533.jpg

Oh, I've been there, man! Long nights spent hacking away at devices on top of my… alligator leather covered table.​
Click to expand...
Geohot!?
 
nt5672 said:
So there are backdoors. I am guessing that because it's called "Dev-fused" that there is a hardware fuse that when blown during provisioning removes the ability of the phone to be used this way. That means that the restriction is by-passable.
Click to expand...
That's what the original Medium article said. But it may not be possible to undo the change. If that fuse exists (for example) between the layers of a circuit board, you're not going to be able to replace it with a new one.
 
  • Like
Reactions: RandomDSdevel
audiophilosophy said:
Hopefully Tim Cook will check macrumors today and notice he’s got a leak in his ship. Maybe he’ll “double down on” making sure these devices don’t get misplaced so easily.
Click to expand...
Problem is these leaks are originating in China, difficult to fix it.
[doublepost=1551908179][/doublepost]
TheShadowKnows! said:
After reading the Motherboard article, my thoughts:

Chinese Intelligent Service rejoicing: Winning!

And Cook's supply-chain management: Genius!
A genius that has traded a decade-long, manufacturing advantage for a permanent loss of Apple's intellectual property.

Hail to the Genius!
Click to expand...
Why blame just Apple, almost everything is made in China.
Very few would buy a 2K phone if it is made in USA.
Wall Street cares about corporation's bottom line, they don't care about loss of intellectual property, see the news Stocks go up as soon as there is rumor that US & China are close to a deal.
CEO's compensation is tied to stock's performance, so they should focus on how to increase stock price, they don't need to care about IP.
 
  • Like
  • Disagree
Reactions: Michaelgtrusa and lunarworks
What country/language keyboard setup is that? Couldn't put my finger on it at first, but return key is double size of US layout, and the | and \ key is... somewhere else?
 
  • Like
Reactions: RandomDSdevel
Aston441 said:
IP as a concept, as it exists today, was made up out of thin air by Oracle and Microsoft in the early 1990s as was way to lock out competitors. It's why we have the rediculous oligopoly situation today that let's Apple charge $1500 for a $500 piece of hardware.

Most of you grew up in the absurd situation we have today, so you think it's normal.

It is not. If you explained "IP" to a programmer in those days they would have laughed. Open Source grew out of programmers, who were appalled at the growing IP machine, to try to head it off before it took over everything.

That movement has more or less failed now. The machine won.

IP is anti-competitive, anti-capitalist BS that Congress is supposed to protect us from. Instead Congress sucks up money from companies like Apple, funding their lavish lifestyles, while average people continue to be screwed.
Click to expand...

IP is enshrined in the U.S. Constitution. Hardly a recent innovation.
 
Aston441 said:
IP as a concept, as it exists today, was made up out of thin air by Oracle and Microsoft in the early 1990s as was way to lock out competitors. It's why we have the rediculous oligopoly situation today that let's Apple charge $1500 for a $500 piece of hardware.

Most of you grew up in the absurd situation we have today, so you think it's normal.

It is not. If you explained "IP" to a programmer in those days they would have laughed. Open Source grew out of programmers, who were appalled at the growing IP machine, to try to head it off before it took over everything.

That movement has more or less failed now. The machine won.

IP is anti-competitive, anti-capitalist BS that Congress is supposed to protect us from. Instead Congress sucks up money from companies like Apple, funding their lavish lifestyles, while average people continue to be screwed.
Click to expand...

I found Richard Stalman's account!
 
  • Like
Reactions: shamino, freedomlinux, ateslik and 1 other person
Aston441 said:
IP as a concept, as it exists today, was made up out of thin air by Oracle and Microsoft in the early 1990s as was way to lock out competitors. It's why we have the rediculous oligopoly situation today that let's Apple charge $1500 for a $500 piece of hardware.

Most of you grew up in the absurd situation we have today, so you think it's normal.

It is not. If you explained "IP" to a programmer in those days they would have laughed. Open Source grew out of programmers, who were appalled at the growing IP machine, to try to head it off before it took over everything.

That movement has more or less failed now. The machine won.

IP is anti-competitive, anti-capitalist BS that Congress is supposed to protect us from. Instead Congress sucks up money from companies like Apple, funding their lavish lifestyles, while average people continue to be screwed.
Click to expand...

What are you talking about?? You don't know what you're talking about.

Us programmers rallied against companies like Microsoft for pre-installing windows on the computers when we wanted open source solutions like linux installed instead. But we never laughed at IP. That's how we got paid! Besides helping out the open source community, we don't want our work stolen.

If I spent 6 months of my life creating a brilliant piece of software, and your ridiculous thought of "IP is just a way to lock you out as a competitor" and you just stole what I developed, I'd sue the crap out of you. IP is a (very old) concept to protect my (intellectual) software work when I don't have a physical product to protect.
 
  • Like
Reactions: shamino and centauratlas
nt5672 said:
So there are backdoors. I am guessing that because it's called "Dev-fused" that there is a hardware fuse that when blown during provisioning removes the ability of the phone to be used this way. That means that the restriction is by-passable.

The $2000 cable just means that encrypted communications is also required and the cable contains the encryption hardware and/or keys. So much for Apple's pie the eye security. Still better than the competitors, but not much challenge for the NSA.
Click to expand...
eFuses can't be "unblown" and the enforcement of such security fuses is in the bootrom. If you figure out how to bypass the fuse check, then you can probably also figure out how to bypass a signature branch check even if such fuses didn't exist.
 
  • Like
Reactions: RandomDSdevel
Aston441 said:
IP as a concept, as it exists today, was made up out of thin air by Oracle and Microsoft in the early 1990s as was way to lock out competitors. It's why we have the rediculous oligopoly situation today that let's Apple charge $1500 for a $500 piece of hardware.

Most of you grew up in the absurd situation we have today, so you think it's normal.

It is not. If you explained "IP" to a programmer in those days they would have laughed. Open Source grew out of programmers, who were appalled at the growing IP machine, to try to head it off before it took over everything.

That movement has more or less failed now. The machine won.

IP is anti-competitive, anti-capitalist BS that Congress is supposed to protect us from. Instead Congress sucks up money from companies like Apple, funding their lavish lifestyles, while average people continue to be screwed.
Click to expand...

Hmmmm - US$1500 for a piece of hardware - clearly written by a youngster!!

Back in the late 1970’s I recall our company bought a DEC Rainbow PC (CP/M & MSDOS) for UK£5000 which we considered cheap against the alternative of buying software for the company mainframe (cost several £M’s) - s/w typically costing £100,000’s!!!

The functionality of a $1500 iPhone today compared to what was available in the 1970/80’s and at what price, is orders of magnitude greater in “what you get” and orders of magnitude “less that you have to pay”.
 
raghu8912 said:
Why blame just Apple, almost everything is made in China.
Very few would buy a 2K phone if it is made in USA.
Wall Street cares about corporation's bottom line, they don't care about loss of intellectual property, see the news Stocks go up as soon as there is rumor that US & China are close to a deal.
CEO's compensation is tied to stock's performance, so they should focus on how to increase stock price, they don't need to care about IP.
Click to expand...

Agree with you.
But pains me to see our technical leadership erode, and sold out for short-term lucre.
 
So yesterday Apple was a security oriented company often described as almost pathologicaly secretive. Today Apple is a company that has no control of how many iPhones, only intended for internal use, get stolen and sold on a grey market. They only cost 2.000 $US (even foldable phones cost more nowadays)?? I don't believe a word of what was written here.
 
"exploited by law enforcement agencies" - and anyone else once it is found and the issue leaks.

That is why encryption is key. Even if you trust everyone in law enforcement at some point you will get a (pick your poison: Hillary or Trump) in charge of the FBI/CIA/NSA and you don't want that person to have access to everything.

Finding the problems is great, and so Apple needs an entire department dedicated to this. And they need to bump up their bug bounties. Paying $100k or $500k for a bug is well worth the cost when amortized across more than 1 billion devices.
 
  • Like
Reactions: RandomDSdevel and shamino
Baymowe335 said:
How much do you think Tim knows that you don't know about?
Click to expand...
Of course he knows a lot about what's going on with Apple, but with they way things are handled the act few years, it seems that they don't get practice about things until it ends up in the media. Makes me wonder how hands on he is.
 
So, all that talk about Apple being so secure is just that, talk. Sounds like someone needs to make heads roll, or is their position at those manufacturers so weak that they can't control them. How does someone 'lose' a special device like that? Shocking that there are that many of them in the wild. They might as well sell them themselves.
 
I think if Apple really wants to be a company that strives for the betterment of humanity, then it should open source dev-tools like this.
 
  • Like
Reactions: RandomDSdevel
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back