Security researchers just dropped news of a pretty serious hardware vulnerability in some older Apple chips. It affects a bunch of still-popular iPhones, iPads, and other devices, and unfortunately, there’s no software fix possible.
The security firm Paradigm Shift recently published a detailed report and a working proof-of-concept for an exploit they call usbliter8. It targets the SecureROM (the unchangeable boot code baked directly into the processor) on devices with A12, A13, S4, and S5 chips.
The usbliter8 exploit hits models like:
- iPhone XR, XS, XS Max
- iPhone 11, 11 Pro, and 11 Pro Max
- iPhone SE (2nd generation)
- iPad Air (3rd gen), iPad mini (5th gen), iPad (8th & 9th gen)
- Apple Watch Series 4, Series 5, and the first SE
- Plus a few others like the 2nd-gen Apple TV 4K and Studio Display
The good news? It doesn’t touch the Secure Enclave, so your passcode and encryption keys should stay protected. It’s also not something a random thief on the street could easily pull off. It needs some technical know-how and direct access to the device. Also note that older A11 devices (like the iPhone 8 and X) aren’t affected, and newer A14 chips and beyond seem safe from this particular attack.
What this means for users
Paradigm Shift worked with Apple before going public. Because the flaw lives in the hardware-level code burned into the silicon during manufacturing, Apple can’t patch it with a software update. Their main advice is basically: consider upgrading to a newer device if security is a big concern for you.
For most regular people who use strong passcodes and don’t leave their phones unattended with strangers, the real-world risk is still pretty low. But if you’re using one of these older devices for work or sensitive stuff, it’s worth thinking about.
As word spreads, expect the jailbreak community to get excited, while Apple focuses on making future chips even tougher.
Don’t miss a thing! Join our Telegram community for instant updates and grab our free daily newsletter for the best tech stories!
For more daily updates, please visit our News Section.
(Source)
Comments