May 17 news, in response to the chip in the iPhone will continue to run in low-power mode (LPM) when the device is turned off, scholars at the Technical University of Darmstadt in Germany designed a malware that can also run when the user turns off the iPhone, reflecting the privacy security risks of Apple devices.
The so-called "low-power mode (LPM)" means that when the user turns off the iPhone, the device is not actually completely shut down, and the built-in chip will continue to operate in a low-power mode. This mode helps users use the Find feature to find a lost or stolen device, or to continue using Apple Wallet and car keys after the battery runs out.
However, scholars at the Technical University of Darmstadt in Germany have shown that the "low-power mode (LPM)" does not have a digital signature mechanism, and does not even encrypt the running firmware. Specifically, the LPM pattern is primarily from a functional point of view and does not take into account security threats outside the intended application. The find function after shutdown will turn the iPhone in the user's hand into a tracking device, while the Bluetooth firmware function implementation is not secure and may be tracked by malware.
However, the researchers say the software can only run on jailbroken models and is less obvious to the average user threat. "Jailbreaking" refers to bypassing many of the restrictions that Apple has imposed on the operating system on its devices, allowing for "root access" to the underlying operating system. In simple terms, Jailbreak allows iPhone users to download other unofficial apps from outside the Apple App Store, or customize the user interface. ( Yu Yang)