By preventing almost all zero-click attacks, the next update to iOS 14.5 will protect many users from hacking attempts. Especially since these are particularly dangerous, since they do not require any interaction from the victim to enter the device.
Do you know zero-click attacks ? This method of hacking is one of the most powerful and popular among hackers. And for good reason: this one does not require no victim interaction with malicious code to break into the targeted device. De facto, she is also very difficult to detect, paving the way for discreet data theft. So Apple decided to tackle (no pun intended) the problem.
In addition to the various new features planned, iOS 14.5 is committed to strengthening the security of iPhone and, at the same time, its users. We already know that the next update will hide Google’s IP addresses from Google, in addition to forcing apps to ask for permission before tracking them. This time around, the change is within the operating system code itself and is already visible in the beta. So it is on course to be present in the final version.
Apple wants to prevent zero-click attacks
The change is on ISA pointers, which will now be protected by a technology called Pointer Authentication Codes (PAC). These pointers tell the program which part of the iOS code to use to function properly. After the update they will be encrypted and will ask for authentication before they can be activated. In this way, hackers will no longer be able to inject malicious code into the smartphone.
According to several security researchers, this technology will make zero-click attacks much more difficult. “Now that the pointers are signed, it is more complicated to corrupt them to manipulate objects in the system”, explains Adam Donenfeld, researcher at Zimperium. It was he who discovered this novelty while digging inside the code of iOS 14.5. He also specifies that the objects in question are also widely used in “Sandbox-type leaks”.
Read also – iOS 14: new features, release date, compatible smartphones, all you need to know
IPhones will be very secure
According to Apple, this method will significantly enhance the protection of iPhones. An anonymous employee of the Cupertino company further states that hackers have something to worry about, “Because some techniques are now completely unusable”. However, this technology is not foolproof. To be effective, it must encrypt the right pointers, instead of protecting the device as a whole. What prompts Adam Donenfeld to think that zero-click attacks will not be completely eradicated when updating to iOS 14.
” When we want we can “, he says. “There will always be bugs, whatever they are, in the PAC or elsewhere, allowing a whole different hacking strategy.” However, he assures us that this novelty “Will most certainly have an impact” on iPhone security. Others are more mixed facing the latter. According to Jamie Bishop, one of the developers behind the popular Checkrain jailbreak app, “This protection simply increases the cost of zero-click attacks. A determined hacker with a lot of resources available will always be able to use it “.
The developer admits, however, that this novelty will actually game changer for users that could be targeted by a zero-click attack. For others, the changes will not be drastic, apart from greater peace of mind. New features in iOS 14.5 include support for PS5 and Xbox Series X controllers, as well as unlocking iPhone with Face ID, even when wearing a mask.