Purple is the work of Giulio Zompetti, a repair tech, security researcher, and avid collector and researcher of iOS prototypes and internal tools. The app utilizes the checkm8 bootrom exploit to load a diagnostic tool into the iPhone’s memory. That tool, referred to as “Purple Mode” or “PurpleRestore” (due to the color some iPhone screens display with the tool loaded), allows you to edit otherwise inaccessible hardware-level system configuration files.

An iPhone will reject certain replacement chips if their serial numbers do not match what the config files expect. Without editing access, repair techs must turn to “bed of nails” programmers. Using a programmer requires de-soldering and removing the phone’s storage chip (NAND), placing it in the socket press, then unbinding and replacing the serial numbers for each replaced component. Now there’s a tool to do this in software and skip the physical reprogramming, at least for some repairs.

Programming a NAND chip with a “bed of nails” press programmer.

So far, Ashford and Zompetti have seen Purple rewrite the serial number for a Wi-Fi chip. Mark Shaffer, lead microsoldering technician at iPad Rehab, noted that Wi-Fi chip replacement, while a known problem with the iPhone 7, isn’t a common job. Serial number binding isn’t necessary for some common chips, including power management and charging controllers. And you still need to solder most of the components with serial numbers that Purple can edit.

But Zompetti believes more discoveries will come as people spend time with Apple’s not-quite-secret diagnostic tool. He sees his Purple app allowing for testing cameras, displays, and other phone components. It could let DIY types fix their own NAND issues, if they involve corruption or partitions instead of hardware faults. All this could be done, Zompetti hopes, by someone with a serial programming cable, a Mac terminal, and a mind for repair. At the least, it might save some repair techs from having to buy different programmers for each generation of NAND storage, at a cost of hundreds of dollars each. Ashford notes in a chat with Zompetti that a new generation of NAND-programming “DFU boxes” (possibly based on the same tech as Purple) have already been supplanted by Purple.

“I’m a really lazy person, I search for the easiest way of doing things,” Zompetti said. “I put together all the things I learned, the low-level stuff, together for myself, into a one-click solution.”

It’s important to note that Purple, and the checkm8 exploit it utilizes, are not major security vulnerabilities. Using checkm8, and then Purple, requires an iPhone be in DFU Mode. DFU Mode requires holding a button combination on the phone, and that the phone be connected by cable to a computer. Checkm8 is also not persistent: after rebooting your phone, the exploit is rejected and no longer present. This one-time, physical-presence-required exploit can’t get at an iPhone’s encrypted user data, and is an extremely unlikely vector for malware.

“I don’t personally see a clear security challenge here,” wrote Will Strafach, founder and CEO of iOS firewall Guardian and a former jailbreaker, in an email. “It’s simply changing the area of flash memory on the device (normally protected) which stores such hardware information. … can’t think of a clear malicious/dangerous use, and again you need the physical possession of the device.”