June 3, 2013
Charging Station Easily Hacks Into Apple’s Famously Secure iPhone
Michael Harper for redOrbit.com — Your Universe Online
Next time you´re hanging around the labs of Georgia Tech and need a place to charge your iPhone, you should steer clear of the clunky, 3-inch job they have laying around.Billy Lau, Yeongjin Jang, and Chengyu Song have found a way to hack into the famously secure iOS using a piece of hardware that plugs directly into the iPhone´s only port. They´re calling it “Mactans,” and according to the security researchers, this Trojan horse-style invasion only takes about one minute to completely open up the iPhone´s software and leave it vulnerable to attack.
Like all good hackers, the trio are using their research to suggest ways Apple could tighten their platform and improve the safety of their customers. They´ll also be presenting their findings and demonstrating how their software works during this year´s Black Hat conference in Las Vegas.
“Despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software,” explain the team in a summary of their presentation. “All users are affected, as our approach requires neither a jailbroken device nor user interaction.”
To build this malicious charger, the team used a single-board computer called BeagleBoard -- a 3-inch component easily acquirable through the BeagleBoard website. With the right (or wrong) software installed, this USB charger could be all a hacker needs to load all sorts of bad stuff onto an iPhone. The team says they´ve found a way to bypass all of Apple´s security features and run this malware as if it were an ordinary, built-in app with all the necessary permissions required. The researchers also say that with more money and more malicious intent, hackers could find a way to use a similar set up to do even more harm to an iPhone than they were able to do.
Yet for all the danger this hack threatens, it still requires physical access to a phone and being plugged directly into the device. In fairness, most devices, including those running Android, would be susceptible to a direct attack when plugged in this way. The Georgia Tech team claim they wanted to target iOS as many have accepted that this is the most secure platform on the market today. Android, on the other hand, is often touted as the least secure, largely due to its open nature and the high numbers of devices which run the mobile platform.
Furthermore, according to Jonny Evans with ComputerWorld, this hack may not be effective on new Apple devices (like the iPhone 5 and fourth generation iPad) which use the Intel/lightning technology instead of the older, USB charging technology. This could also be why Apple switched to the new, proprietary connector.
In addition to being famously secure, Apple is also famously stubborn about who gets to license their gear. When the company announced the new port last year, many customers and pundits alike wondered why Apple was being so strict with their new technology and not allowing their usual partners to create their own versions of the charger. While some official third-party lightning chargers are now available, it seems this is exactly the sort of thing Apple wanted to avoid by keeping a strict hand on their new port.