What Your Seemingly Sleeping iOS 15 iPhone Can Really Do

Some research into the potentially exploitable low-power state of iPhones made headlines this week.

While hardly anyone is using the study results to attack Apple users in any meaningful way, and only the most high-profile targets may find themselves troubled by all of this, it does at least give a glimpse of what exactly your iOS handheld is doing when it is apparently off or asleep. Or maybe none of this is new to you. We'll see.

According to research, an Apple iPhone that falls asleep in low power mode or is turned off is not necessarily protected from surveillance. This is because some parts of it are still running at low power.

In iOS 15, certain chips inside an iPhone in either of these two power states remain active so that the owner can still locate their lost phone wirelessly via the Find My iPhone feature, unlock nearby locked cars, or make payments. Bluetooth Low Energy, near-field communication (NFC) and ultra-wideband (UWB) connectivity are kept alive in the phone to make this possible.

There is firmware in the device that runs when the phone is in low power mode (LPM) to manage this wireless functionality. It is this firmware, tied to a Bluetooth controller chip, that can be modified to contain malware that essentially runs all the time, whether the iPhone is awake, asleep or turned off, probably until the battery is completely discharged. This malware could be designed to track and report the user's movements, spy on them, and so on.

These findings were put together by a team from the Secure Mobile Networking Lab (SeeMoo) at the Technical University of Darmstadt, Germany.

“The current implementation of LPM on Apple iPhones is opaque and adds new threats,” they wrote in their 11-page post, adding that, as it is by design at the hardware level, “it has a lasting effect on the entire iOS security model. The design of LPM features appears to be primarily focused on functionality, disregarding threats outside the intended applications.”

Don’t panic

There are some important caveats to this. Most importantly, to infect the LPM firmware so that malicious code keeps running even when the phone is apparently asleep or turned off, the device must already be completely compromised. Anyone with that level of control over your phone can already spy on your messages, steal your data, modify your apps, and more. Firmware modification is the icing on the cake for anyone who has infiltrated your device; it’s an unnecessary step against the vast majority of victims, and only necessary for some really high-level targets.

That said, it seems that once you have this privileged access, there is no protection in the device to prevent you from changing the LPM firmware.

“On modern iPhones, wireless chips can no longer be trusted to be turned off after shutdown,” the SeeMoo academics wrote. “This poses a new threat model.”

Need a switch

The researchers said they responsibly disclosed these findings to Apple engineers before the document was publicly distributed. However, the team said they received no feedback from Apple. The academics recommend that Apple add a hardware switch to disconnect the battery to improve security and protect valuable surveillance targets such as scientists, activists, politicians and journalists.

Some countries have secretly installed NSO Group's controversial Pegasus spyware on smartphones to remotely track people, including journalists, activists and other citizens. It is perhaps this level of snoopware that would benefit from the lack of protections around the LPM firmware.

Jaye Tillison, director of security strategy at Axis Security, told The Register that SeeMoo’s research is important even if the current threat is mitigated: it is not trivial to fully exploit it.

That said, “if threat actors start targeting iOS devices with new malware, it could have a huge impact on businesses and their attack surface – which has now extended to every user device and on all workplaces – both in the office and outside,” Tillison said.

“We typically see a large percentage of end users logging in through an iOS device. If you think of the 300 million users just in Fortune 2000 accounts alone, with 2.5 end user devices per user, that number can be huge.”

It’s also a warning as companies continue to make greater use of these technologies: “Security must be built into the fabric of the IoT [Internet of Things]”, he said. “For too long, we have coasted and coasted. We skipped security due to cost. It’s not a good road to keep traveling.”

Companies should adopt technologies that do not allow infected devices to connect to the corporate network, and technologies that inspect traffic – even private traffic – to prevent sensitive data from flowing to compromised devices, and should realize that employees need to be trained to protect themselves, he says. ®
