• General

  • Apple iPhone USB-C Hacked on 2025

Linuxx https://www.forbes.com/sites/daveywinder/2025/01/13/apple-iphone-usb-c-hacked-what-you-need-to-know/

  1. This so far is not a big deal. The discoverer of the vulnerability says, in the article:

When it came to the ACE3 attack, however, Roth said that while Apple β€œsaw the attack complexity and said that they don't see it as a threat - I agree with that sentiment but wanted to at least have reported it!” The reasoning being, Roth told me, that as already explained β€œthis is essentially foundational research, the first steps that are needed to find other attacks on the chip.”

  1. The attack described is completely specific to specific Apple hardware and has no implications for Pixel hardware.

Linuxx "Can I understand that grapheneOS has better vulnerability protection than IOS?"

Because Grapheneos Team implemented software and hardware-level restrictions to disable USB-C data transfer from an early stage.

Probably! USB-C power negotiation in theory might expose enough attack surface to be exploitable. That is much less than the entire USB protocol space, but if the smaller surface is where a bad bug is, then it will still be a bad bug.

Overall, GrapheneOS mitigations reduce risk substantially, but not to zero, because that's not possible.

Please note that I do not speak for the GrapheneOS project.

        de0u
        Interesting point about power negociation.

        I always thought that when USB-C is set to charge only, the charge speed was at it slowest speed (5V 1A) because of the lack of communication trough USB when phone is locked prior to plug it and I felt that unlocking the phone, waiting for another vibration and charge animation then locking again put the phone at rest with higher charge speed..

        Guess I am wrong after all 😡

        • de0u replied to this.

            From what I read, this is a hardware problem. I wonder how Apple might fix this for those effected models

            de0u

            "I have an idea. If I completely disable USB function and use wireless charging, would that make the phone the safest it can be?"πŸ€”πŸ€”πŸ§

            • de0u replied to this.

                Linuxx If I completely disable USB function and use wireless charging, would that make the phone the safest it can be?"

                I don't know how wireless charging works, but I believe it includes negotiation for various rates. If so, in theory, that communication channel might have an exploitable implementation on the device.