They Found The iPhone Backdoor 

It’s really a feature and not a bug in this case.

You would have coded it to require a 10 stage chain of exploits , across multiple development teams and computer design engineers? If it were your job, you would be very bad at it.

Now that Intel is ramping up manufacturing in that country, you can be assured that more hidden instructions will be put into the processors below level zero.

🤣

​@@TheOfficialOriginalChad good backdoors aren't easy to find, the point is only you know about it

There is a vulnerable to hitting the like button on RU-vid... you did not hear that from me thou

@@Tycy2014 EXPLAIN GOOD SIR.

@catmanmliolunny anytime there is a handshack between 2 users it uploads that into RU-vids data if you have a payload hidden behind your comments like button (if you already ran a sql injection on your comment) you can than have your like button carry payloads to other users and use assembly root functions to brute force your way or key loggers your way into others systems or get there internet traffic. The way you determine your like buttons url is by using Google Dorks to find the exact location of your comment... this is a multi step process Edit: I'm working on multiple cves right now using hidden payloads to find locations of people, all you need is the hand shack and a man in the middle function, and you can go crazy Edit: it's like giving cookies but only if you don't have access to their system.... if I wanted I could find out where you live given enough time. Or I could use social engineering to get the same results.

@@Tycy2014 Worked like a charm, thanks homie

@@kphaxx oh no

Enough that if you knew how many you’d want to never tap a phone again! But lets hope most of them are undiscovered (for now)

@@junyaiwaseyup I won’t own a mobile tracking device even a handheld one let alone the next generations , wearable , implantable , last but not least grown into your fucking brain !!!

@@junyaiwaseoh boy , it’s just the beginning I’m afraid

This is just the stuff we hear about.

Let's talk about how many iPhone exploits are the same as Mac computer exploits that still haven't been patched; find them, and you'll destroy Apple in a day. I wish I was joking, yet here we are..

kek

Based

Hahaha absolutely insane

Theyll probably save some of it for themselves no doubt. :)

Goon?

this is the exact issue I hated in the earn it act, putting a back door for the government means everyone can get that backdoor

@atomicskull6405 They didn't stumble across anything. Pegasus is Israeli. They either have insiders at various American glow bro organizations or they bribe and blackmail their way into getting access to le secret spy codes.

There's always, and I mean always a back door.

@@gravyd316not true

Or have someone sell the secret to them. Which us probably what they did

"We're the resistance, this backdoor is only to stop the bad people from using iPhones."

Nah, f no. I dislike Apple because of their bs and lies.

"It's to make the battery work better on older phones."

​@@X1ZRdo we even have something secure? I mean intel me work regardless of your os

​@@user-gt2th3wz9cNo. Nothing is

Image more than one thing being true at the same time.

@@Stone_624 except the sideloading part isn't true, you can always make it difficult for amateurs to sideload, they just want their 30% cut.

"sideloading" what a stupid name they made. Why is it allowed on Macs then?

I've been using Android for the past 6 years. And in that time, half of the apps I use are pirated, sideloaded apps. Never in this time have I ever been infected with malware, because well, I use my brains when sideloading. @@Stone_624

​@@Stone_624 imagine you know nothing about sideloading and make a dumb comment.

Who cares what the Russians think? They can whine all day, it’s not like they wouldn’t conduct similar tactics.

I mean, is there a government out there that doesn't do this crap?

Exactly

@@moonasha most are very primitive and all but a handfull don't have aceess to global firms with bilions of users . it's a matter of exposure scale

stuxnet

Undocumented bit combinations in the machine code might hint at undocumented registers in the hardware. But figuring out special functions for those registers would be tricky. Unused space in the instruction set, on the other hand, is common.

Not like the general purpose registers on the CPU -- probably talking about registers in the SoC, written to with a special instruction or memory mapped at some hardware address. Writing to it controls certain aspects of the various things in the System on a Chip.

It exists in Intel and AMD. Undocumented instructions.

We normally call them "undocumented registers". And they would refer to registers in hardware devices, not the CPU registers. Though even in the 8-bit days there were undocumented registers or partially documented registers, and modern CPUs are orders of magnitude more complex, often with multiple CPU cores in them, so a lot more places to hide undocumented registers. Undocumented opcodes are extremely common.

@@Muhammad-sx7wr Always has.

That is so cool... too bad we are not presented this choice either, and have to deal with this bs

Whats OP code?

Didnt understand half of it but that sounds badass

28 years ago was the era of 14.4k baud modems, cd-roms were connected through soundcards and this new OS called Windows 95 had just been released. There were no cell phones nor the concept of "devices" or "network engineers" It would also make you at least 40 years old today and old enough to not be so gullible or make up fake stories. What would having access to the source code do? Fork and compile their own version of win95 with the same undiscovered vulnerabilities as that is safer? 😂

@@sirtra it's not foolproof, but having source code to inspect makes it a lot harder to slip in a back door.

Link?

Dang I wanna see.

@@LewyM7 below dude

#secret code 😂😂😂

No link showing up bruh

Yeah that really doesn't sound like it was planned. And the unused registers probably were there for redundancy or they simply were left overs from the development.

Smart mfs doing stuff like this meanwhile I’m proud of my crud b2b saas. Feels bad.

@@zekiz774people here would rather attribute to malice something that can easily be explained as an oversight in an insanely complicated system. I’m really not apples biggest fan, but jumping to accusing them of conspiracy is unhinged.

@@sn00pysfonesmart people push the world forwards, were just along for the ride

Pegasus is actually pretty beautiful from a coding perspective.

I wonder if they get patched version of ios, that don't have these vulns

​​​​​@@mycommentmyopinion imo unlikely. Someone within govt wanted total possible oversight over these contractors & defense depts by forcing then to use iphones & imessage they insured this happened. Imo this was an intentional backdoor sponsored by the US govt.

funny how the government actually trusts closed source software for critical and sensitive stuff.

Not that funny if you consider their versions are probably a lot different than the consumer models.

​@@dangerous8333 I would believe it's only the hardware with specialized software, but if not it seems like a bigger problem.

Everything is breached

The walled garden was never one to begin with (at least to the alphabet bois and NSO 😂)

There has never been a wall, just a fence

People should look at Mattermost application open source for self-hosted end to end encrypted messaging. It's like Slack for developers, used for secure communications by Airforce, Samsung, and more.

And Hardware?

@@GrueneVanilleWaffel Truly difficult finding OS hardware because the scale of production it takes a hardware company to be profitable is a long time horizon and huge amounts of capital. While you can find some OS hardware, you can do a surprising amount of interesting things running with Virtual Machines if you really know what you're doing. Remember, the more convenient/usable the product, the more hackable it is. OG cybersecure guys run many systems straight from the Command Line on an old Thinkpad laptop as a controller for a big server farm, but you have to know what you're doing.

If you don't need a specific app and it might have a security vulnerability and you can't remove it the only think you can really do is not use the entire thing.

reverse engineering doesnt exist apparently

Not with Ghidra it's not.

@@thewhitefalcon8539 If you buy a device with the software instead of installing it yourself, not even Ghidra can help you. If (and the size of that if may vary) the device lets you download the software off of it in order to decompile it, you have to trust that the hardware gives you the same code as whats running.

i think its a jab at the fact iphones are considered "the most secure phone"

​@@detecta100% this. Apple does an awesome job of keeping it's cult brainwashed and loyal. Just like when they used to say "Macs don't get viruses." 😂

I mean an open box also has horrible vulnerabilities... A little harder to make them intentional like in blackbox, but Minnesota Linux kernel ban situation kinda proved it to be possible...

Unfortunately, there are plenty of horrible vulns even in open source. A couple of sudo vulns went undiscovered for over a decade, and these led to full privilege escalation.

@@surewhynot6259 The point was rather, all software has vulnerabilities, and making it closed source makes things worse.

Couldn't you bypass any Linux system by pressing backspace 20 something times?

@@chrisdawson1776 That really was not as big of a deal as people made it out to be, if someone got into the position to exploit that vulnerability you had already lost at every step because the person is literally standing in-front of your system. Generally exploits that require physical access to the system are more of a joke than anything since at that point there are countless non exploit ways to get into the system. But most importantly, that exploit is for GRUB2 if you encrypt your system (if you want password protection on your OS) getting past GRUB2 is going to be utterly worthless. As is i'd bet 99% of users do not have a password set for GRUB2, same goes for corporations (at least those i worked for) because it's simply unnecessary and in a corporate environment you don't want to be locked out of your boot loader with a password. TLDR: that exploit was overblown lwn.net/Articles/668695/

Hardware

@@GrueneVanilleWaffelhe means iOS but yea you’re both right

@@GrueneVanilleWaffel wdym by hardware? Not disagreeing just have no clue what you mean

@@CentreMetresoftware is any sort of application within the device. hardware is the actual device itself and all its parts. a good way to remember it is, if the equipment can be touched it’s hardware, if it cannot it is software

@@DinahAO I know the difference between hardware and software. I just dont get why he meant by the word "hardware"

Chips within chips within chips 🪆

There seems to be some open source hardware development going on, maybe if we get a year of linux desktop one day we get a day of linux cpus.

@@fulconandroadcone9488 Even with open hardware we can't tell if the fab that makes the CPU didn't tamper with it

If the software is FOS, there are plenty enough geeks to find and patch those exploits in due time. If it's not, they will sit there until the for profit programmers who work on things that make them money (AKA not wasting time looking for potential security exploits in the most obscure corners of their source code) to fix it, or for a scandal like this to force their hand. A hardware exploit is meaningless if there is no software path to activate it.

@@fulconandroadcone9488it’s almost impossible for a reasonably priced open source cpu to exist based on just how complicated it is

I love how everyone was in a big fuss about side loading apps being a huge risk while shit like this happens every few years. Just like those massive icloud breaches back in the 2010’s

Or remove apps that might be entry points.

Apple is the virus

dont worry they will, they will keep doing it until our cities are run down with drug users injecting hard drugs on the streets with police refusing to respond while the goverment is openly dismantling even the illusion of democracy. Oh wait...

oh, its just a conspiracy

And also apple themselves are the biggest threat to apple users privacy, and i would like to brag ablut using android, but i don't even think google is less bad... Well at least i use linux on my computer

@@no_name4796 - What we need is a law mandating that all hardware above a certain level of processing capability (IE, anything stronger than a smart phone from ten years ago) has to support an open source operating system - either freeBSD or Linux, where the penalty for a regulator not being able to install Linux or freeBSD on the device, is a full public-domain release of all hardware schematics, and any and all source code related to the device, along with a forfeiture of any copyrights and patents related to said device. We need to stop dancing around the bush on this shit - if it supports Linux then it'll support Windows, Android, and any other operating system in existence as well.

@@no_name4796To be very fair, I think mobile devices are easier to compromise then desktops. I think I saw a video about someone claiming the opposite and I sort of laughed at it, but I couldn’t tell ya if that is true or not. Personally, I think it easier because phones are largely ‘simpler’ systems with more attack vectors since they are ‘smart’ devices. The chips are different from desktops, there is more features like the camera or the fingerprint detection that can make a hacker blush. Finally, I think the more closed source nature of the app stores could be used to maliciously distribute bad code easier then just browsing online. I could be wrong, I am definitely not a security expert.

​@@no_name4796depends on what phone and os you use, you can use lineageos and hell even grapheneos if you want!

as someone who doesnt like apple at all, and genuinely really believes that Pegasus and other mythical creatures exist, your comment has me really confused. i am not being sarcastic at all

Why did you do this

please take my like and delete this naow

Full blown and goatse should NEVER be together in a sentence….. 🤢

This isn't a full blown goatse. It's actually a very typical escalation chain.

I just like the term goatse

because ARM is RISC

Yup. Fuzzing (and JTAG/test pads) is how a lot of this kinda stuff gets discovered.

@@user-dv6yo5bc4z They do it to x86 too. Easier and quicker on RISC chips though.

@@lucasthompson1650 then the question is, doesn't apple has better access to those same things, and could run it from you know start of development instead of having to buy some some and revers engineer all of the stuff?

yeah i've watched some of christopher domas defcon talks on youtube and this is exactly the sprt of stuff he does, And he is just one guy. An entire corporation can surely do the same sort of stuff

Googles not any better lol all big tech companies are a huge privacy concern example being the incognito recently

Look y’all once your device has Wifi, Bluetooth or any means of connecting with the outside world it’s vulnerable, theoretically if you actually wanted to be completely safe you’d need to download all apps and games that you want, then disconnect the Wifi and Bluetooth chip, plus other components that may have contact with the outside world. No system is 100% safe

anglophone try not to blame individuals for systemic issues challenge (just read althusser)

How is this exclusively an Apple thing? Like yes this particular video is about an Apple exploit that is really dangerous and that’s bad, granted. But if you think there aren’t cyber weapons that are just as dangerous targeted around Windows and Linux you are deluding yourself. The US has already leaked some of the ones targeted around Windows accidentally, we know they have them.

i feel like the reason for canada to ban Xiaomi was not because they cared about their citizens' privacy, but rather to monopolize on profiting from their data themselves

This. China doesnt need to collect data themselves, they already have an immense inhouse userbase. And they can just buy it@@myxobe

Nooooo, he gonna defend Apple anyway😂

🔥🔥🥶🥶

The reason why might be as simple as to cut the costs that would go into design and verification stages for a new version of the chip with the registers removed.

Fuzzing won't find everything

Yes, especially when you consider that they could make the exploit dependant on two special instructions in a row. The second won't do anything unless the first one is used directly before and using the first instruction will not produce any visible effect unless the second is used directly after. How you gonna brute force fuzz your way through that? There's exponential possibilities.

@@rivershen8199 plus there could also be built in time depedancies - this adds another level of exponential possibilities.

@@ic7481 It can find A LOT. For example AMD's (formerly Xilinx) bitstream formats of their 7-series FPGAs have been reverse-engineered with fuzzing.

Fuck But we only have closed source hardware

@@GrueneVanilleWaffel you don't run a [obscure piece of technology from 2014 that still uses proprietary parts anyways] big opsec fail...

NOT WITH THAT ATTITUDE WE DONT@@GrueneVanilleWaffel

@@lisam5802 sorry, I don't get it

using open source and foss is seen as socialism for some people

It was with this exact one

And he also thinks they're hardware design debug registers, not an intended backdoor, per se.

@@silverdragonslair The best part these things are not exclusive.

I wonder how long until fully open source chip designs hit the market, I have seen some RISC V but at very low powers, maybe in a few years it will only be a question can we trust the foundry to build actual designs,

What era/chipset is that out of interest?

@@contactjd i mean there is no proof even back then that they arent backdoored. I think in the K& R C boiok there is even a topic about rogue compilers. like the problem goes way back to the 70s/80s.

fr an ios 15.7 jailbreak on non checkm8 devices would be amazing

@@thewonderingape6383aka you currently have that setup right i may or may not be hoping for something similar though lol

@@thewonderingape6383it’s coming

that was a while back and he also covered the news

That was how they got caught, they attacked researchers @ Kaspersky and they managed to uncover the whole thing.

​@@kevinm45684to zipoapps, known to buy projects and then put ads and subscriptions on them So, it was good while it lasted 🫡

​@@kevinm45684zippoapps

​@@kevinm45684some random chinese company that makes ad bloated apps :< But!! If you do NOT update you are fine!

​@@kevinm45684zippoapps

​@@kevinm45684 the same Israeli firm that everyone sells out to and is definitely only in the business of ads and crapware

Brilliant observation!

State level actors can also simply crack open an iPhone and run it under an SEM. Hell, @BreakingTaps does this as an individual. Not a long shot to find secret registers that way.

What's an SEM?

@@afinelad3673scanning electron microscope

Scanning electron microscope. They can detect much finer detail than light can.

You say expert, I say coworker desperately trying to close the Jira ticket from hell to get his manager off his back.

@@theofficialjeff Isn't Jira for software development

@@Arek_R. project management in general ¯\_(ツ)_/¯

You do realize that the "original" FBI charter was written only 40 or so years ago, well after the FBI had been in existence, yes? And no, that original charter makes no mention of requiring phone providers to design a network that can be spied on. The nature of analog and digital are such that they can be spied on. No one forced anyone to make them that way. Anyone who understands even the basics of how wires and circuits work can see that. It's not particularly complicated. 😂

One of the exploits used is from the 90's 😂

"Patch"...🤨

Bogos binted energy 👽

Well, time for PowerPC to come back

RISC-V pls save us!

Rotten 🥧

Do you think Google doesn't include hardware backdoors in their pixel phones?

Nice bet *unless there's a zero day for grapheme we don't know about despite all that open source*

@@kevinm45684 Hello, mr Glowwie 45684

I use a modified Android

@@kevinmiller5467 Still a better bet than the combo of backdoored OS+hardware. Even if the hardware itself is compromised, you have to find an (unintentional) 0 day exploit that escalates you from nothing to hardware level in order to exploit that backdoor anyway. And the grapheneos team has shown that they really dont play around and actively assume through each line they write that "if this piece of code were to be exploited, would the danger at least be contained?" Also it is very difficult nowadays to find hardware that is (provably) not backdoored, or check the integrity of the claimed implementation, which is why even if they open sourced their titan m firmware you still would not be completely sure. This is why bothering with such details goes beyond tinfoil hat territory. I mean if someone else with backdoor access gets a physical hold of your phone you would be screwed but if your threat model is that large and you got in that situation you screwed up somewhere else entirely anyway...

Do you really think android is safer?

@@Not_Airrack at this point anything is better than apple, and the best choice of all is to get off grid, cant hack what isn't digital. when real life comes knocking these hackers wont be safe. Real Life catches up to everyone

It’s honestly mostly about the convenience of a simple device. I still have an android for work and more heavy duty stuff but an iphone is an easier daily driver for simple tasks.

@@firewhite Apple is not more convenient its OS is built so that normies cant do anything with it other than what apple allows....these people must like being in a playpen while everyone else goes outside to the real playground. saying apple is an "easier daily driver for simple tasks" is like saying a children's learning computer from playschool is the best choice for people who need an "easier daily driver for simple tasks" the problem is people refuse to adapt to technology and the companies are taking advantage of said ignorant customer who refused to move away from a locked system that they don't even truly own, therefore allowing the industry to corner people into thinking that a closed system is better than an open one it happened to restaurants, it happened to cars, and now its happening to basic computer and phone....

​@@Not_Airracklaughs in graphene os yes mate it is :P

lmao 🤣🤣🤣

Bro is a doppelgänger

its always malice, no company in the modern era hides info because of embarrassment to them embarrassments are just good coverage until the majority of people "forget" after 24hours.....these new age people might as well have the memory of a goldfish, if you don't maintain training fish just default back to base needs, like the fools who run a good country into the ground for "the greater good"

Or archaic licensing deals from 30+ years ago that are still in effect.

Or u don’t want an open source version to float around?

Lol so I can have anything in your bank account and retirement accounts right? You don’t have anything to hide and you don’t believe in private property rights, so why not send your life savings to me?

@@cat-.- This

I've been suspecting this for years, suprised to hear pseudo confirmation

And in 90% of cases are re-brands made in china from used/bad binned chips. No wonders here, even if they have a tech, there is no way to make modern things, there are no factories capable of making them (even something of 2010`s level of architecture).

I'm not sure about the government jobs, but pretty much everyone here uses WhatsApp, no matter the age. Younger folk (especially females) uses Instagram (via VPN) - both belong to Meta.

I hate the Celtics but I love FOSS

What kind of development studios need debug function enabled?

Reminds me of the AMD Athlon cpu, you could increase the clock speed with a small line of pencil between two points

Development studios, what? This isn't a console or something similar, there's no such a thing as an iPhone devkit. It's just the combo xcode and whatever runs ios.

Dude, you DON'T just "forget" at multi-BILLION ultra-high-tech production where every step is approved, monitored, checked and re-checked multiple times by different people and machines.

When they get messages with links to blogs describing it they will most likely self destruct on arrival without trace.

Use it for root ) Seriosly, though, it's scary. I'd get rid of any apple shit long ago.

poking memory at random goes brrrrrrrrr

your not allowed to produce systems impervious to the nsa if you do they will literally kill you

Apple wouldn't be able to hide something like that for long.

@@JPS13Laptop if they're gonna do something like brick their devices, yeah that would be painfully obvious but something like taking screenshots and recording keyboard input, that's something that a user wouldn't be able to to identify much less detect using a network packet sniffer when that data is discretely sent back using encryption. It's even something that apple can write off as quality assurance telemetry used for improving the iOS ecosystem and users would have 0 evidence to prove the contrary since they wouldn't be able to read the data being sent back. Keyboard inputs are already sent back for text prediction, the photos you take that automatically get uploaded to iCloud are reviewed by apple for regulatory compliance, your text messages are processed through Apple servers. Breaking end to end encryption is straightforward for apple and only requires a couple changes of code to grant themselves access and no one else. No one would even notice since the imessage's source code isn't visible to the public.

@@brandonn.1275 There is always a way to read the data coming out of a device. Even the encrypted stuff.

"But we didn't do it on purpose! It was just a vulnerability, we took immediate steps to resolve the issue blah blah"

@@georgek4416 and it can last only of an update cycle, at which point the switch it out and by the time someone figures it was a breach it will be "patched" for a very long time

Yes ... It's the same reason for solar winds

These are fully functional registers, this isn't an accidental design flaw like some examples FPU or branch prediction errors that can be used for exploits.

wrong apple not acting with malice is literally against the laws of physics its not physically possible for anything apple does to not be malicious its malicious by default BECAUSE its apple

Having a smart phone in general, is a privacy concern. If you think android is safe, you’re fooling yourself. If you think I’m saying this just to defend apple, you’re a wrong. I see the pros and cons of both devices.

@@Haunting_Shadow Google is similar i know

Unironically one of the only good thing about the invasion is the amount of boost software import substitution programmes got. I know even some school computers use Alt instead of Windows now

@@lmnk and might lead to a strong software community which in turn might be more capable of exploiting flaws in modern hardware whilst patching there own,