News

Unfixable iOS flaw exposes hundreds of millions of Apple devices

A security expert has uncovered a virtually unfixable iPhone bug that can be used by hackers to gain access to millions upon millions of iOS devices throughout the world.

Called ‘checkm8’, the flaw affects all iOS devices that were released from 2011 to 2017, including iPhone, iPad, iPod Touch, Apple Watch and even Apple TV. The bug is reportedly able to permanently gain access to any of these iOS devices, regardless of any restrictions that Apple might have placed on software.

Checkm8 exploits a security flaw in the code that initially runs when the owner switches on the device. Since the bug is located in the iOS device’s read-only-memory (ROM) and not in the operating system as such, Apple can’t fix the problem with an iOS update.

Security expert AxiOmX said that he found the bug by reverse-engineering a fix that Apple released for the beta version of iOS 12 in 2018. The researcher claims that the “exploit for older devices makes iOS better for everyone” since it would enable users to run code far beyond what Apple initially intended.

Other experts warned that the bug could have huge implications for iOS devices, since it would enable outsiders to install malware or even software used by stalkers.

Law enforcement agencies and government hackers could also find it useful for surveillance purposes, for example. According to AxiOmX, the exploit can presently only be activated via USB and it is terminated when the device is restarted.

This, he said, made it an unlikely candidate for use by cyber-criminals. In an interview with Wired, he said: “It is possible that bad actors would use this, but I doubt it would be the first choice.”

He added that where it was most likely to be used is where someone had physical access to the device – for example, at border crossings or when the device was left unattended. Apple has so far not issued a statement.

Tags

About the author

Chris

I've been a passionate evangelist for Apple and the Macintosh throughout my working life, my first love was a Quadra 605 working with a small creative agency in the south of Norfolk UK in the mid 1990's, I later progressed to other roles in other Macintosh dominated industries, first as a Senior graphic designer at a small printing company and then a production manager at Guardian Media Group. As the publishing and printing sector wained I moved into Internet Marketing and in 2006 co-founded blurtit.com which grew to become one the top 200 visited sites in the US (according to Quantcast), at its peak receiving over 15 million visits per month. For the last ten years I have worked as an Affiliate and Consultant to many different business and start ups, my key skill set being online marketing, on page monetisation, landing page optimisation and traffic generation, if you would like to hire me or discuss your current project please reach out to me here.

You can also follow me on: and

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.