New hack breaks open Apple’s USB-C security – AppleInsider
AAPL: 233.78 ( 0.62 )
Copyright © 2025 Quiller Media, Inc. All rights reserved.
USB-C on an iPhone 15Last updated 1 day agoA security researcher has worked out how to hack a proprietary USB-C controller used by Apple, an issue that could eventually lead to new iPhone jailbreaks and other security problems.
As one of the more privacy and security-focused companies, Apple has become a prized target for hackers to beat. In one instance, it seems the iPhone’s USB-C controller has become a risk factor.
Revealed at the 38th Chaos Communication Congress in December, with information only being revealed to the public in January, researcher Thomas Roth presented a demonstration of attacking the ACE3 USB-C controller.
The ACE3 USB-C controller is a key element, as it is in charge of recharging the device and handling data transfers. It first appeared in the iPhone 15 generation, managing the included USB-C port.
SiliconAngle reports Roth managed to reverse-engineer the controller, exposing its firmware and communication protocols. From there, he could reprogram the controller to perform acts, such as injecting malicious code and bypassing important security checks.
A somewhat limited intrusionWhile the hack sounds like a massive issue, it’s not really a problem for the vast majority of users. To achieve it, Roth relied on custom USB-C cables and devices, and needed clear physical access to the device to pull it off.
Though this would only be needed for initial access to the vulnerability, a compromised controller could be further manipulated without necessarily requiring such access.
The key is the need for physical access from the start, which rules out the attack being a danger to the vast majority of Apple users. This doesn’t rule out its use maliciously against some people who may consider themselves targets of nation states and other major bad actors, but that is a very small number of people.
A more realistic use for the attack is for jailbreaks, as Cyber Security news adds. By compromising the controller, it could result in untethered jailbreaks with persistent firmware implants, which can keep the operating system compromised.
There is also the feasibility of it being a potentially easier jailbreak to keep active despite Apple’s software efforts, simply because it’s a hardware attack. That said, it would also limit the potential reach of a jailbreak technique due to the hardware required.
Apple has not yet commented on the researcher’s demonstration nor its implications. As one of the more privacy and security-focused companies, Apple has become a prized target for hackers to beat. In one instance, it seems the iPhone’s USB-C controller has become a risk factor.
Revealed at the 38th Chaos Communication Congress in December, with information only being revealed to the public in January, researcher Thomas Roth presented a demonstration of attacking the ACE3 USB-C controller.
The ACE3 USB-C controller is a key element, as it is in charge of recharging the device and handling data transfers. It first appeared in the iPhone 15 generation, managing the included USB-C port.
SiliconAngle reports Roth managed to reverse-engineer the controller, exposing its firmware and communication protocols. From there, he could reprogram the controller to perform acts, such as injecting malicious code and bypassing important security checks.
While the hack sounds like a massive issue, it’s not really a problem for the vast majority of users. To achieve it, Roth relied on custom USB-C cables and devices, and needed clear physical access to the device to pull it off.
Though this would only be needed for initial access to the vulnerability, a compromised controller could be further manipulated without necessarily requiring such access.
The key is the need for physical access from the start, which rules out the attack being a danger to the vast majority of Apple users. This doesn’t rule out its use maliciously against some people who may consider themselves targets of nation states and other major bad actors, but that is a very small number of people.
A more realistic use for the attack is for jailbreaks, as Cyber Security news adds. By compromising the controller, it could result in untethered jailbreaks with persistent firmware implants, which can keep the operating system compromised.
There is also the feasibility of it being a potentially easier jailbreak to keep active despite Apple’s software efforts, simply because it’s a hardware attack. That said, it would also limit the potential reach of a jailbreak technique due to the hardware required.
Apple has not yet commented on the researcher’s demonstration nor its implications. Based in South Wales, Malcolm Owen has written about tech since 2012, and previously wrote for Electronista and MacNN. In his downtime, he pursues photography, has an interest in magic tricks, and is bothered by his c…While it might not be an issue for most people now, left unpatched, it could become a bigger problem later on, if someone can leverage already existing charging hacks. So it’s still a good idea to use only trusted cables and chargers.
While it might not be an issue for most people now, left unpatched, it could become a bigger problem later on, if someone can leverage already existing charging hacks. So it’s still a good idea to use only trusted cables and chargers.If it wasn’t for jailbreaking you wouldn’t have the iPhones control center. This is fact. More innovation has been done by jailbreakers for the iPhone. Of course it’s impossible now to do so. I remember having one jailbreak to be able to automatically play my music when connecting to my Bluetooth device in my car. This was on an iPhone 3GS. It’s only until the Apple App Shortcuts came out that you could do this. And Apple does not let you differentiate between the Music app that you want to use. Android has apps that let you do this. Apple does not. at least for music
If it wasn’t for jailbreaking you wouldn’t have the iPhones control center. This is fact. More innovation has been done by jailbreakers for the iPhone. Of course it’s impossible now to do so. I remember having one jailbreak to be able to automatically play my music when connecting to my Bluetooth device in my car. This was on an iPhone 3GS. It’s only until the Apple App Shortcuts came out that you could do this. And Apple does not let you differentiate between the Music app that you want to use. Android has apps that let you do this. Apple does not. at least for musicMy usb-c port is usually filled with pocket lint and bubblegum as a security precaution. Isn’t everybody’s?
My usb-c port is usually filled with pocket lint and bubblegum as a security precaution. Isn’t everybody’s? Thank the goddess we got rid of that horrific Lightning mess.
Thank the goddess we got rid of that horrific Lightning mess. I’m sure this will be good for police/FBI/DHS/CIA. A way to break into iPhones like GreyKey.
I’m sure this will be good for police/FBI/DHS/CIA. A way to break into iPhones like GreyKey.If you’re tired of smelly garbage, the Vego Kitchen Composter is a great way to responsibly dispose of food scraps — if you’re fine with sacrificing the countertop space.Always on a quest to bring readers the steepest savings, AppleInsider has partnered with B&H Photo to drop prices on two MacBook Pro configurations from Apple’s M4 Pro line.watchOS 11.3 has received its third developer beta, following the arrival of similar beta updates for the HomePod and Apple TV only hours earlier.Apple has moved on to its third round of developer betas, but it has started quietly with a trial of tvOS 18.3’s third beta, along with HomePod OS 18.3.The Apple Watch Series 10 has been on my wrist for three months now and it’s clear that it’s the best smartwatch Apple ever made. But that doesn’t mean there aren’t things that a future Series 11 could do better.Apple has joined the board of directors for the Ultra Accelerator Link Consortium, giving it more of a say in how the architecture for AI server infrastructure will evolve.MacBook deals are heating up this Tuesday, with Apple’s latest M4 14-inch MacBook Pro on sale for $1,799 when equipped with 24GB of RAM and 1TB of storage.Adobe is giving private beta users a chance to test out a long-anticipated feature — allowing more than one person to access and edit Photoshop documents simultaneously.Apple has joined the board of directors for the Ultra Accelerator Link Consortium, giving it more of a say in how the architecture for AI server infrastructure will evolve.As Apple tries to diversify its supply chain, China’s tightened export controls are slowing things down as the country asserts its manufacturing dominance.After four years of planning, TSMC is now finally going to make older iPhone processors in the US, but it’s not and never will be a true return to American manufacturing.
