Security News > 2021 > September > Security bods boost Apple iPhone hardware attack research with iTimed toolkit

Openc8... is applicable to a range of iPhone models all the way up to the iPhone X - though the research paper focuses on its use in the iTimed toolkit to audit and attack the Apple A10 Fusion chip inside an iPhone 7.

The trio's - Seetal Potluri was the third researcher - checkm8 reimplementation, which brings with it a range of claimed improvements, is dubbed openc8, and is applicable to a range of iPhone models all the way up to the iPhone X - though the research paper focuses on its use in the iTimed toolkit to audit and attack the Apple A10 Fusion chip inside an iPhone 7.

The work extends beyond the discovery of a single specifically exploitable vulnerability, though: the team hopes that the toolkit will offer a way to help security researchers delve deeper into the world of Apple hardware.

"This paper proposes the first complete infrastructure to enable general-purpose hardware security experiments on the Apple iPhone SoCs. Our effort greatly lowers the difficulty of implementing future hardware security experiments on Apple's SoCs.".

Asked what attracted them to iPhone research, Haas told The Reg: "Apple designs their devices as black boxes from the ground up, such that users and developers do not have to know about the implementations of various subsystems and modules. There's been a significant amount of effort put into reverse-engineering Apple's software, but we felt that, specifically, Apple's security hardware has been under-researched in the field. Of course, researching hardware requires a significant development investment into infrastructure and thus we created the openc8 toolkit."

"Used with good intentions, toolkits like this one, designed specifically to test the hardware security of Apple devices, will result in better security for end-users."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/14/security_bods_boost_apple_iphone/