So my little Apple fanboys, you who thought that your precious iPhone was an impregnable fortress, you will have to buy sticks of mint crystals because a security researcher has just managed to hack the famous USB-C controller of the iPhone 15 and 16. But don’t panic, keep your iPhone nice and warm in your hipster pocket, because I’m going to explain everything to you.
For newbies (and Android owners who still wonder why we’re talking about Apple), the ACE3 controller, introduced into Apple’s supply chain in 2023, is a very smart little component that manages all communications through the USB-C port of your iPhone. It’s a bit like the bouncer of a very trendy nightclub: he’s the one who decides who enters, who leaves, and above all how. More technically, it’s a complete microcontroller that manages not only charging, but also an entire USB stack connected to the device’s internal buses.
Our friend Thomas Roth (aka stacksmashing), a security researcher who likes to tinker with Apple devices, looked at this component with the attention to detail of a Swiss watchmaker on acid. And after testing different software approaches without success, such as creating a “fuzzer” and looking for timing vulnerabilities, he decided to get down to business with a hardware attack.
To succeed, he used a cocktail of techniques that would make the screenwriters of Mr Robot green with envy:
- Reverse engineering by taking the thing apart to understand how it works
- Side-channel analysis to observe electromagnetic signals during chip startup
- And fault injection, that is to say, electromagnetic disturbances targeted at the precise moment when the firmware is validated
The result?
He managed to bypass security checks, boot modified firmware, and run his own code on the controller by extracting the contents of ROM. In theory, this could give an attacker full control over the iPhone. But you can put away your anti-stress ball because even Apple, which usually panics as soon as its precious toys are touched, remains rather zen here. After examining the method used, Apple concluded that this attack is so complex to carry out that it is more of an academic exercise than a real threat, an opinion also shared by our friend Roth himself.
This discovery is especially important for two reasons:
- It proves once again that even the most basic components can hide surprises
- And it paves the way for further research into the security of USB-C controllers
If, despite everything, you are the type to see Russian hackers under your bed, here are some simple tips:
- Always use your own cables and chargers
- Avoid dodgy public charging stations
- Keep your iPhone up to date
There you have it, dear iPhone owners, you can continue to post your selfies peacefully on Instagram. Your precious is still just as safe… at least until the next discovery!