How Apple’s Locked Down Security Gives Best Hackers Additional Protection

“This is a double-edged sword,” says Bill Marczak, senior researcher at Citizen Lab, a cybersecurity watchdog. “You can prevent a lot of riffraff by making your iPhone harder to break. However, 1% of top hackers are trying to find a way to break in, and when they break in, the iPhone’s intrusive fortress protects them.”

Marczak has been looking for these top hackers for the last eight years. His work includes a groundbreaking 2016 “Million Dollar Dissident” report that introduced the world to the Israeli hacking firm NSO Group. And in December, he was the lead author of a report titled “The Great iPwn,” describing how the same hacker allegedly targeted dozens of Al Jazeera journalists.

He argues that while the iPhone is becoming more secure as Apple invests millions of dollars to raise the wall, the top hackers have millions of dollars of their own to buy or develop zero-click exploits that invisibly hijack the iPhone. These allow an attacker to infiltrate restricted parts of the phone without giving the target any sign of compromise. And once they are that deep inside, the phone’s security becomes a barrier that prevents investigators from finding and understanding the fraudulent behavior. Because he can’t see behind the curtain, Marczak suspects he is missing everything except a small part of the attacks.

This means that even if you know you are under attack, you may have to rely on luck or vague suspicion rather than clear evidence. Al Jazeera journalist Tamer Al Jazeera contacted Citizen Lab after being threatened with murder for his work in January 2020, but Marczak’s team initially found no direct evidence of hacking on his iPhone. They persisted, looking indirectly at the phone’s internet traffic to see who it was whispering to. Finally, in July last year, researchers confirmed the phone pinging a server that belongs to NSO. This was strong evidence of hacking using the Israeli company’s software, but it did not reveal the hack itself.

Locked-down systems can backfire even more directly. When Apple released a new version of iOS during Marczak’s investigation last summer, a new security feature on the phone killed the unauthorized “jailbreak” tool that Citizen Lab used to open up the iPhone. The update locked him out of the private areas of the phone, including folders for new updates, which turned out to be where the hackers were hiding.

Faced with these blocks, “we just raised our hands a bit,” says Marczak. “I can’t get anything from now on. There is no way.”

Beyond the phone

Ryan Stortz is a security engineer at Trail of Bits. He leads the development of iVerify, a rare Apple-approved security app that does its best to look inside your iPhone while playing by the rules set in Cupertino. iVerify looks for security anomalies on the iPhone, such as unexplained file changes, the kind of indirect clue that can point to a more serious problem. Installing the app is a bit like setting up a tripwire in the castle that is the iPhone: if something doesn’t look as expected, you know a problem exists.

However, like the systems used by Marczak and others, the app cannot directly monitor unknown malware that violates the rules, and it cannot read the iPhone’s memory the way security apps on other devices can. Tripwires are convenient, but they are not the same as security guards who can roam every room in search of intruders.

Despite these difficulties, he believes that modern computers are converging on a lockdown philosophy and that the trade-offs are worth it. “Locking these can reduce the damage of malware and espionage,” he says.

This approach extends far beyond the iPhone. In a recent briefing with a journalist, an Apple spokeswoman explained that the company’s Mac computers are increasingly adopting the iPhone security philosophy. Its modern laptops and desktops run on custom-built M1 chips that make them more powerful and secure, in part by locking down the computers in the same way as mobile devices.

“iOS is very secure. Apple has recognized its benefits and has moved to the Mac for a long time, and the M1 chip is a big step in that direction,” said security researcher Patrick Wardle.
