A new security flaw in the iPhone’s USB-C charging port it raises questions about whether it is really that easy for sophisticated people to install malicious code and compromise every user’s data. This vulnerability, discovered by security researcher Thomas Roth, targets the ACE3 controller chip, a tiny but critical component responsible for managing the iPhone’s charging and data transfer functions.
We and the rest of the world have known for years that Apple exercises very strict control over its devices and software. Nevertheless, the jailbreaking community they seek to push the limits of what is possible with Apple devices, and the company therefore does not stop working constantly to patch vulnerabilities and hackers to look for persistent new exploits.
But this latest discovery presents a new challenge for Apple and shows how easy it is for the ACE3 controller chip to be reprogrammed to perform unauthorized actions, potentially allowing hackers to bypass security measures and gain control of the device. This is no longer just about installing unauthorized apps. This is a feature that opens the door for malicious actors to gain access to sensitive user data.
How bad are they for all of us unsuspecting users? It is enough to think that all the information stored on your phone: passwords, financial information, personal photos, private messages, give free access to a third party without your knowledge. That’s the kind of threat this vulnerability poses.
As you might guess, Apple has yet to comment on this discovery and it remains to be seen how it will address this vulnerability. Will a software update be enough to fix the problem or will a hardware redesign be required?
(via)
Source: myphone.gr
