Is iPhone Still Saft if keeping running after shutdown?
Security collapsed? iPhone still running after shutdown may be a hotbed of malware, study says.
Apple has always boasted of extremely high security, and even refused to unlock the iPhone when asked by the US government, but now it seems that this security is a bit funny.
It is reported that there is a special mechanism on the iPhone that will keep the phone running in low power mode (LPM) when it is turned off, so that it can continue to search for the phone to prevent it from being lost, or continue to swipe the card through NFC.
However, according to the latest report from NetEase Technology, researchers have recently designed a malware based on this mechanism, which can also run when the user turns off the iPhone.
The iPhone lacks a digital signature mechanism in low-power mode that doesn’t even encrypt the running firmware, according to research, and academics at the Technical University of Darmstadt in Germany have devised a way to hack into a powered-off iPhone.
Using this lack of encryption to run malicious firmware, an attacker could track the phone’s location, or run malicious functions when the phone is turned off, as if the door was left open.
When the user turns off the iPhone, the device does not actually shut down completely, the built-in chip continues to operate in a low-power mode, allowing the user to use the Find feature to locate a lost or stolen device , or to continue after the battery is depleted Use Apple Wallet and car keys .
Now, researchers use this “always on” mechanism to run malware that keeps the malware running when the iPhone is turned off.
The iPhone uses the built-in Bluetooth chip to continue to implement functions such as “find” when it is turned off. But it turns out that the chip doesn’t have a digital signature mechanism, or even encrypt the running firmware .
Academics at the Technical University of Darmstadt in Germany have devised a way to use this lack of encryption to run malicious firmware, allowing attackers to track the phone’s location or run malicious code when the phone is turned off. function .
If a hacker finds a security hole vulnerable to wireless attacks , it could also infect the iPhone’s built-in chip, similar to the related vulnerabilities for Android devices.
In addition to allowing malware to run when the iPhone is powered off, attacks targeting the LPM mechanism can also allow malware to run stealthily in the background , since the LPM mechanism itself saves the battery power required to run firmware.
Of course, detecting whether a firmware is infected with malware itself is not easy and requires a lot of expertise and expensive equipment.
The researchers said Apple engineers reviewed the paper before it was published, but company representatives never provided any feedback on the content of the paper.
Research has shown that while the LPM mechanism in Apple’s iPhone allows users to locate a lost or stolen device when powered off, it can unlock or open the doors even when the battery is dead.
But it’s a double-edged sword that hasn’t been noticed yet when it comes to security .
“Hardware and software attacks similar to those described above have been shown to be feasible, so the research topics covered in the paper are timely and practical,” said John Loucaide, senior vice president of policy at firmware security firm Eclypsium. “This is typical of all devices. Manufacturers are adding new features all the time, and with each new feature, a new angle of attack emerges.”