News

Unfixable iOS flaw exposes hundreds of millions of Apple devices

Before we get started

After spending over 20 years working with Macs, both old and new, theres a tool I think would be useful to every Mac owner who is experiencing performance issues.

CleanMyMac is highest rated all-round cleaning app for the Mac, it can quickly diagnose and solve a whole plethora of common (but sometimes tedious to fix) issues at the click of a button. It also just happens to resolve many of the issues covered in the speed up section of this site, so Download CleanMyMac to get your Mac back up to speed today.

mac-pc

A security expert has uncovered a virtually unfixable iPhone bug that can be used by hackers to gain access to millions upon millions of iOS devices throughout the world.

Called ‘checkm8’, the flaw affects all iOS devices that were released from 2011 to 2017, including iPhone, iPad, iPod Touch, Apple Watch and even Apple TV. The bug is reportedly able to permanently gain access to any of these iOS devices, regardless of any restrictions that Apple might have placed on software.

Checkm8 exploits a security flaw in the code that initially runs when the owner switches on the device. Since the bug is located in the iOS device’s read-only-memory (ROM) and not in the operating system as such, Apple can’t fix the problem with an iOS update.

Security expert AxiOmX said that he found the bug by reverse-engineering a fix that Apple released for the beta version of iOS 12 in 2018. The researcher claims that the “exploit for older devices makes iOS better for everyone” since it would enable users to run code far beyond what Apple initially intended.



Other experts warned that the bug could have huge implications for iOS devices, since it would enable outsiders to install malware or even software used by stalkers.

Law enforcement agencies and government hackers could also find it useful for surveillance purposes, for example. According to AxiOmX, the exploit can presently only be activated via USB and it is terminated when the device is restarted.

This, he said, made it an unlikely candidate for use by cyber-criminals. In an interview with Wired, he said: “It is possible that bad actors would use this, but I doubt it would be the first choice.”

He added that where it was most likely to be used is where someone had physical access to the device – for example, at border crossings or when the device was left unattended. Apple has so far not issued a statement.

Tags

About the author

Chris

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.