By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: December 27, 2023

Wednesday, 27 December 2023

‘Triangulation’ – Complex Exploit Backdoored Unknown Number of iPhones Over 4 Years ★

Dan Goodin, reporting for Ars Technica:

Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

“The exploit’s sophistication and the feature’s obscurity suggest the attackers had advanced technical capabilities,” Kaspersky researcher Boris Larin wrote in an email. “Our analysis hasn’t revealed how they became aware of this feature, but we’re exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.” [...]

The mass backdooring campaign, which according to Russian officials also infected the iPhones of thousands of people working inside diplomatic missions and embassies in Russia, according to Russian government officials, came to light in June. Over a span of at least four years, Kaspersky said, the infections were delivered in iMessage texts that installed malware through a complex exploit chain without requiring the receiver to take any action.

From the report by the Kaspersky researchers:

If we try to describe this feature and how the attackers took advantage of it, it all comes down to this: they are able to write data to a certain physical address while bypassing the hardware-based memory protection by writing the data, destination address, and data hash to unknown hardware registers of the chip unused by the firmware.

Our guess is that this unknown hardware feature was most likely intended to be used for debugging or testing purposes by Apple engineers or the factory, or that it was included by mistake. Because this feature is not used by the firmware, we have no idea how attackers would know how to use it.

Ivory 1.8 Introduces ‘Explore’ Tab ★

Tapbots:

Ivory v1.8 is now available to download on the App Store! It features the brand new Explore Tab (which replaces the Search Tab) with much improved search and a new Popular & Trending section. There’s also a few new app Icons and some bug fixes.

The new Explore tab is good: it surfaces both popular Mastodon posts and news stories being shared by many people.

Federal Appeals Court Pauses Import Ban on Apple Watch Series 9 and Ultra 2 ★

Hartley Charlton, reporting for MacRumors:

Apple filed an emergency request to the United States Court of Appeals following President Biden’s decision to decline a veto on the sales ban, allowing it to take effect earlier this week. The Court of Appeals for the Federal Circuit today accepted an interim stay while the court reviews Apple’s request for a full stay for the length of the appeal, effectively pausing the ban on Apple Watch imports for a brief period.

Apple, in a statement to 9to5Mac’s Chance Miller:

“We are thrilled to return the full Apple Watch lineup to customers in time for the new year. Apple Watch Series 9 and Apple Watch Ultra 2, including the blood oxygen feature, will become available for purchase again in the United States at Apple Stores starting today and from apple.com tomorrow by 12pm PT.”

The Man wasn’t going to let Apple down.

Apple News+ Adds The Athletic, but NYT Articles Remain Unavailable ★

Todd Spangler, reporting last week for Variety:

The New York Times Co. inked a deal with Apple to add The Athletic’s full sports coverage to the Apple News+ subscription bundle. In addition, the Times’ Wirecutter product reviews will be available for free to all Apple News users beginning early next year.

However, articles from the New York Times Co.’s namesake newspaper remain unavailable in the tech giant’s popular Apple News app. The NYT Co. ended its partnership to provide articles from the Times to Apple News in 2020, saying at the time that the Apple News model did not fit with the company’s need for “a direct path” from digital platforms for sending “readers back into our environments, where we control the presentation of our report, the relationships with our readers and the nature of our business rules.” [...]

The Athletic has more than 450 full-time writers, editors and producers. The outlet covers hundreds of professional and college teams across sports leagues globally. That includes the NFL, NBA, WNBA, MLB, NHL, MLS, English Premier League, PGA, National Women’s Soccer League, NCAA Division I Football Bowl Subdivision, NCAA men’s college basketball, NCAA women’s college basketball, LaLiga and UEFA Champions League.

I’ve been subscribed to The Athletic for years, and now get it bundled with my Times subscription. It’s both good and, as the third paragraph quoted above indicates, broad — they have beat writers for all major teams. Adding it to News+ is a major upgrade to News+’s sports coverage. There’s nothing else quite like The Athletic.

It does seem curious, though, that the Times considers it worthwhile to bundle The Athletic (and also Wirecutter — which, unlike The Athletic, stinks) with News+ but not content from the Times itself. Also worth mentioning that the Times closed its own sports desk last year, and now relies upon The Athletic for all sports coverage.