this post was submitted on 17 Jan 2025
49 points (94.5% liked)
Cybersecurity
5993 readers
107 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That's not what it sounds like. This is what happens when politicians force reasonable tech standards but let the companies in question implement the standard as cheaply as they want.
Emphasis mine.
Apple knew they were going to be forced to change, and they could have found a better controller, but they didn't. They could have followed suit with the Android industry, but they just had to do things in that "walled-garden" way only Apple does.
Wasn't Apple already using USB-C on iPads? Are the iPads using the same controller or did they change it up?
Who do you believe fabricated that controller?
Are you about to pivot into Chinese conspiracy theories? Because if so, I don't care, unless you have evidence for this specific USB-C controller.
Mf did you even watch the video? The security researcher explains what happened when the EU forced apple to move to USB-C.
They say what controller they used, which manufacturer made it, how it was exploited, and how that wasn't an issue on the lightning port.
Apple messed up is what happened. None of the other manufacturers appears to have this issue, despite the same legislation applying to them.
This is solely on Apple fucking up.
Correct. iPhone 14 and under are not affected because they don't have the texas instruments usb-c controllers. The mandated change brought about the new requirement. They had to move to a less researched, and obviously less secure format. Itll get better as we go, but its going to be hell for a while as these new flaws are found.
It's also not an issue on every other USB c controller made.
It's an apple issue because Apple made poor choices because Apple insists they have to be different in a special broken way. Because people like you are too far up your own ass to know any better.
Correct. iPhone 14 and under are not affected because they don't have the texas instruments usb-c controllers. The mandated change brought about the new requirement. They had to move to a less researched, and obviously less secure controller. Itll get better as we go, but its going to be hell for a while as these new flaws are found.
How come it's only Apple devices that are affected and not the others?
Are apple devices the only phones that use the Texas Instruments ACE3 controller?
Yes. This controller was specifically created for Apple and it's a proprietary chip.
No other manufacturer uses it, and thus no other manufacturer has these security flaws. Apple didn't rely on existing, tried and tested controllers but had to make something proprietary and 'special', and the fucked up in doing so.
They had used the ACE2 in previous models, which didn't have these flaws. What was the difference?