0:00
what's going on YouTube GSN right here a
0:02
massive iOS vulnerability was patched in
0:04
iOS 18.3 point1 and this one is the
0:07
biggest one yet so if you go ahead here
0:09
on Twitter there is an article now
0:11
posted about unrestricting the
0:13
restricted mode for USB on iPhone now
0:16
this is a formability patched in iOS
0:19
18.3 point1 so essentially it's the only
0:22
thing patched in 18.3 point1 as you can
0:24
see over here released on February the
0:26
10th and it's a bug in accessibility now
0:28
this is essentially for all devices but
0:31
iPhone 10sn later for what is worth and
0:33
it says impact a physical attack May
0:36
disable USB restricted mode unlocked
0:38
devices apple is aware of a report that
0:40
this issue may have been exploited in an
0:42
extremely sophisticated attack against
0:45
specific targeted individuals and an
0:47
authorization issue was addressed with
0:49
improved State Management now this is a
0:51
very long and winded way of saying that
0:53
this was used by hackers before and
0:55
somebody has been targeted already with
0:56
this kind of attack this is actually
0:58
quite big we're going to get into it but
1:00
first this video is brought to you by
1:01
Flex store they provide essentially
1:03
jailbreak without jailbreak because they
1:05
provide a lot of tweaks and apps and you
1:07
know various utilities without being
1:09
jailbroken you can essentially sign your
1:12
own apps you can use your own
1:13
certificates including your developer
1:15
certificates p12s and so on and sign IPA
1:18
files directly on the device check it
1:20
out especially if you need to install
1:21
your jailbreak applications without a
1:24
computer right so the vulnerability
1:26
itself was detailed over here I'm going
1:28
to link the blog post down below for
1:30
those of you who are unaware the USB
1:31
restricted mode is this popup that
1:33
appears if you keep your device locked
1:35
for over an hour and this one needs to
1:36
be turned on in settings but it says
1:38
accessory connected unlock iPhone to use
1:40
accessories and this would happen if you
1:42
for example connect your charging cable
1:43
to the computer but the device is locked
1:46
and it's been locked for an hour so it
1:47
wouldn't let the device connect to the
1:49
computer it w't let the computer even
1:51
try to pair with the device before you
1:53
unlock the device it's a neat feature
1:55
and it prevents a huge attack surface
1:57
for hackers and so on however the USB
2:00
restricted mode Was Defeated to better
2:02
understand how big of a vulnerability
2:04
this one is this account posted here
2:05
that there is a bug Bounty of $1 million
2:09
for such a vulnerability it's a big
2:11
vulnerability and it really is
2:14
essentially killing one of the biggest
2:15
features in iOS security now this was
2:17
indeed defeated and you can find the
2:19
patch information over here it turns out
2:22
that the device was not checking
2:24
properly the state of this lock while
2:26
the Assistive Touch was enabled so this
2:29
little thing over here that simulates
2:31
the home button and a couple other
2:32
things and they were able to trigger the
2:34
vulnerability and bypass that thing it
2:37
would show up this popup switch control
2:39
accessory so adding a switch control USB
2:41
accessory will allow other USB
2:43
accessories to connect even when your
2:45
iPhone is locked you can change that in
2:46
settings and once you pressed okay you
2:48
can connect to the device through the
2:49
computer and it would essentially bypass
2:52
the whole thing so that is indeed
2:55
concerning it's a huge vulnerability
2:57
Apple dedicated a whole entire patch a
3:00
whole entire iOS version just to fix
3:01
this so if you are indeed interested in
3:04
your security you should go ahead and
3:06
update 18.3 point1 right now to get the
3:08
patch the chances are you're never going
3:10
to encounter an attack against yourself
3:12
that uses this vulnerability however any
3:14
accessory charging station you know
3:16
public charging station at a restaurant
3:19
or library or on the street that you use
3:21
could potentially use this exploit in
3:23
order to connect to the device you now
3:25
cannot know anymore because it's now
3:27
public and it's now available for I 18.3
3:30
and lower yeah thank you for watching
3:32
that's basically it huge vulnerability
3:34
don't know how useful it would be for
3:35
jailbreak though but it's still a
3:37
massive vulnerability and for those of
3:39
you who are interested in privacy and
3:40
security for your device more than
3:42
jailbreaking you should definitely
3:44
update thank you for watching I'm GS now