Yesterday I already touched on the topic of "Checkm8" here in the blog. That post was about increasing security on the iPhone with an alphanumeric passcode. Now I would like to elaborate briefly on the jailbreak vulnerability Checkm8 (meaning "checkmate"), which is presented as extremely problematic in many places. Sure, the news sounds frightening at first, especially since the second piece of bad news is that the flaw cannot simply be fixed by a firmware update from Apple. Nevertheless, the way the vulnerability, also known as Apollo or Moonshine, has to be exploited basically gives the all-clear.
The malicious software used is a so-called boot ROM exploit, which in short and in layman's terms means that the software can make the device's boot process start any system. All iPhone models are affected, from the iPhone 4s with an A5 chip to the iPhone 8 and iPhone X with an A11 chip. There is a patch for newer Apple smartphones with A12 and A13 processors that closes the security gap. The iPhone models Xs, Xs Max, XR, 11, 11 Pro and 11 Pro Max are therefore protected against Checkm8.
For me, this means first and foremost that the jailbreak community can be happy, because it gives them a permanent way to jailbreak the old iPhone models. For hackers, however, the vulnerability is likely to be relatively uninteresting, as it cannot be exploited via the Internet, and this limits the number of vulnerable devices. It is also a "tethered jailbreak", i.e. a wired attack that requires a USB connection to a Mac or PC.
Recommendation: USB condom and detailed information
In a post from January this year I presented the PortaPow data-block USB adapter to you. It can also jokingly be called a USB condom, because when plugged in between the charging cable of your iPhone and a (public) USB socket, the adapter prevents data transfer. The trick: it only has contacts for the flow of current, i.e. for charging the battery. The contacts for data transmission have simply been left out, so that hacker, boot ROM and other attacks or read-out attempts come to nothing. Always a good thing at the train station, airport or any other charging port. You can find detailed information on Checkm8 on the Trail of Bits blog.
Jens has been running the blog since 2012. He appears as Sir Apfelot for his readers and helps them with problems of a technical nature. In his free time he drives electric unicycles, takes photos (preferably with his iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions for current bugs.