Re: The 'Checkm8' exploit isn't a big deal to iPhone or iPad users, and here's why

[. Arlen Holder]

On 29 Sep 2019 15:52:25 GMT, Jolly Roger wrote:

> If you take anything away from this, it should be that your are no less
> safe today from the reveal of Checkm8 than you were yesterday, or the
> day before, or four years ago.

FACTS:
This widespread Apple iPhone security flaw can't be patched without
literally changing the physical chip where the bootrom code resides.

ASSESSMEMNT:
This permanent iPhone vulnerability which Apple missed, is a boon to
jailbreakers who own Apple iPhones which are older than the iPhone Xs.

--
As Jolly Roger said years ago, an 8-year old can jailbreak an iPhone.

[Lloyd Parsons]

. Arlen Holder <.arlen...@arling.hlder.edu> wrote:
> On 29 Sep 2019 15:52:25 GMT, Jolly Roger wrote:
>
>> If you take anything away from this, it should be that your are no less
>> safe today from the reveal of Checkm8 than you were yesterday, or the
>> day before, or four years ago.
>
> FACTS:
> This widespread Apple iPhone security flaw can't be patched without
> literally changing the physical chip where the bootrom code resides.
>
> ASSESSMEMNT:
> This permanent iPhone vulnerability which Apple missed, is a boon to
> jailbreakers who own Apple iPhones which are older than the iPhone Xs.
>

Fact : This flaw only affects those whose phone was stolen or found or were
stupid enough to loan it to a hinky friend. And then only until the next
boot.

Assessment : Not something to worry about.

--
Lloyd

[. Arlen Holder]

On 30 Sep 2019 15:51:10 GMT, Lloyd Parsons wrote:

> Fact : This flaw only affects those whose phone was stolen or found or were
> stupid enough to loan it to a hinky friend. And then only until the next
> boot.
>
> Assessment : Not something to worry about.

Hi Lloyd,

Hehheh... you apologists always guess wrong...

Thanks for posting because you again proved my point about apologists:
1. Apologists don't seem to comprehend even the simplest of basic facts
2. Which is why apologists consistently make their bad assessments

ADDITIONAL FACTS:
Most generations of iPhones and iPads are vulnerable, from the widely sold
older iPhone 4S (A5 chip) to the newer iPhone 8 and iPhone X (a11 chips).
<https://twitter.com/axi0mX>

ADDITIONAL ASSESSMENT:
The great news is this permanent vulnerability in the older iPhone and iPad
bootrom is yet another jailbreaking avenue.

Since adults form belief systems that other adults agree with
o Just read the finalizing quote from Jolly Roger's own cite!

<https://appleinsider.com/articles/19/09/28/the-checkm8-exploit-isnt-a-big-deal-to-iphone-or-ipad-users-and-heres-why>
"This is a big deal for the jailbreak community."

--
As Jolly Roger said years ago, any 8-year old can jailbreak on iOS!

[Lloyd Parsons]

. Arlen Holder <.arlen...@arling.hlder.edu> wrote:

So what? I have no issue with the jailbreak community. As to a
vulnerability that iphone users should worry about, this ain’t one of them.
Go back to playing with your twinky, assuming you can find it.

--
Lloyd

[nospam]

In article <qmt99f$jdn$1...@news.mixmin.net>, . Arlen Holder

<.arlen...@arling.hlder.edu> wrote:

>
> > Fact : This flaw only affects those whose phone was stolen or found or were
> > stupid enough to loan it to a hinky friend. And then only until the next
> > boot.
> >
> > Assessment : Not something to worry about.
>
>

> Hehheh... you apologists always guess wrong...

he isn't guessing.

[. Arlen Holder]

On 30 Sep 2019 16:30:25 GMT, Lloyd Parsons wrote:

> So what? I have no issue with the jailbreak community. As to a
> vulnerability that iphone users should worry about, this ain't one of them.
> Go back to playing with your twinky, assuming you can find it.

Hi Lloyd Parsons, aka Elfin,

I'm going to attempt to reason with you as if you are an adult, Lloyd.

In deference to badgolferman's suggestion to stop dropping to your level
o This is my last response to you, Lloyd (aka Elfin) in this thread.

Notice Lloyd, that you guessed wrong on both the facts & assessment.
o As did Jolly Roger guess completely wrong (just as you did)

I repeat the quote: "this is a big deal to the jailbreak community".
o I never said it was a big deal to other iOS owners - not even once.

Notice you guess that I said something else in my prior two posts.
o And yet, as usual, you guessed wrong (again).

Apologists guess wrong - all the time, Lloyd.
o Without me to point that out - truth might never set in on this ng.

Apologists have two common traits, which you just proved (again) for us:
1. Apologists fail to comprehend basic facts (e.g., what my posts said)
2. Hence, apologists fail to make logical assessments (as you just proved)

Also notice apologists are so AFRAID of these obvious facts...
o That apologists turn into "instant children" when faced with facts.

As you just proved for me, Lloyd (aka Elfin).

--
There are good reasons the score of known apologists are listed in the OP.

[. Arlen Holder]

On Mon, 30 Sep 2019 12:37:34 -0400, nospam wrote:

> he isn't guessing.

In deference to badgolferman, I'm going to ignore your purposefully
worthless purposefully unhelpful posts in this thread, nospam.

I strive for 100% credibility on the facts I bring to this ng.
o You just guess at everything - and - you guess wrong half the time.

Your credibility on facts is no better than the result of a coin toss.
o Worse - you turn into "instant child" the moment you're faced with fact

--
This is my last response to nospam in this thread - as per badgolferman.

[badgolferman]

. Arlen Holder wrote:

>In deference to badgolferman, I'm going to ignore your purposefully
>worthless purposefully unhelpful posts in this thread, nospam.

Please feel free to do as you wish. I'm merely sitting here mucnching
on the popcorn and watching the show!

[Your Name]

On 2019-09-30 07:15:14 +0000, . Arlen Holder said:
> On 29 Sep 2019 15:52:25 GMT, Jolly Roger wrote:
>>
>> If you take anything away from this, it should be that your are no less
>> safe today from the reveal of Checkm8 than you were yesterday, or the
>> day before, or four years ago.
>
> FACTS:
> This widespread Apple iPhone security flaw can't be patched without
> literally changing the physical chip where the bootrom code resides.
>
> ASSESSMEMNT:
> This permanent iPhone vulnerability which Apple missed, is a boon to
> jailbreakers who own Apple iPhones which are older than the iPhone Xs.

And the moronic know-nothing asswipe troll changes his name yet again. :-\
Just ignore that dumbass shitheaded fool, whatever name he uses!

[. Arlen Holder]

On Tue, 1 Oct 2019 08:09:53 +1300, Your Name wrote:

> And the moronic know-nothing asswipe troll changes his name yet again. :-\
> Just ignore that dumbass shitheaded fool, whatever name he uses!

Those who willfully choose to ignore basic facts - forever remain ignorant.

o Alan Baker <nu...@ness.biz>
o Alan Browne <bitb...@blackhole.com>
o Andreas Rutishauser <and...@macandreas.ch>
o Beedle <Bee...@dont-email.me>
o B...@Onramp.net
o Chris <ithi...@gmail.com>
o Davoud <st...@sky.net>
o Elden <use...@moondog.org>
o Elfin <elfi...@gmail.com> (aka Lloyd, aka Lloyd Parsons)
o Hemidactylus <ecph...@allspamis.invalid>
o joe <no...@domain.invalid>
o Joerg Lorenz <hugy...@gmx.ch>
o Johan <JH...@nospam.invalid>
o Jolly Roger <jolly...@pobox.com>
o Lewis <g.k...@gmail.com.dontsendmecopies>
o Lloyd <elfi...@gmail.com> (aka "Elfin")
o Lloyd Parsons <lloy...@gmail.com> (aka "Elfin")
o Meanie <M...@gmail.com>
o nospam <nos...@nospam.invalid> (bullshitter par excellence)
o Sandman <m...@sandman.net> (hates any and all facts about Apple)
o Savageduck <savageduck1@{REMOVESPAM}me.com>
o Snit <use...@gallopinginsanity.com> (aka Michael Glasser)
o Tim Streater <timst...@greenbee.net>
o Wade Garrett <wa...@cooler.net>
o Your Name <Your...@YourISP.com>
o et al.

[nospam]

In article <qmtqm7$vc8$1...@news.mixmin.net>, . Arlen Holder
<.arlen...@arling.hlder.edu> wrote:

> I willfully choose to ignore basic facts - forever remaining ignorant.

ftfy

[Arlen _ Holder]

On Mon, 30 Sep 2019 18:23:08 -0400, nospam wrote:

> ftfy

The important fact for adults to comprehend is that Apple doesn't test
iPhones sufficiently.

"it took only two seconds to crack the [iPhone X]"

"This allows almost all Apple A11 and all previous chips to
be jailbroken at any time."

o NEW ĄUNREPAIRABLE˘ APPLE CHIP VULNERABILITY ALLOWS IPHONE TO JAILBREAK
<https://www.gizchina.com/2019/09/30/new-unrepairable-apple-chip-vulnerability-allows-iphone-to-jailbreak/>

[Lewis]

Also, tricky to pull off anyway, and doesn't work consistently.

> Assessment : Not something to worry about.

Troll gotta troll.

Meanwhile, 11 year old hackers can get into any Android phone in
seconds,.

--
Never trust a man who, when left alone in a room with a tea cosy,
doesn't try it on -- Billy Connolly

[nospam]

In article <slrnqp6mmo....@mac-mini.lan>, Lewis

<g.k...@gmail.com.dontsendmecopies> wrote:

> Meanwhile, 11 year old hackers can get into any Android phone in
> seconds,.

and voting machines...

[badgolferman]

I read somewhere some districts were experimenting with smart phone
voting...

[Jolly Roger]

No thanks. My paper ballot shows up in my mailbox. I don’t have to even get
dressed or leave my home to vote. And there’s a clear paper record of my
vote as well. All states should do this, IMO.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[badgolferman]

Jolly Roger wrote:

>badgolferman <REMOVETHISb...@gmail.com> wrote:
>> nospam wrote:
>>
>>> In article <slrnqp6mmo....@mac-mini.lan>, Lewis
>>> <g.k...@gmail.com.dontsendmecopies> wrote:
>>>
>>>> Meanwhile, 11 year old hackers can get into any Android phone
>>>>in seconds,.
>>>
>>> and voting machines...
>>
>> I read somewhere some districts were experimenting with smart phone
>> voting...
>
>No thanks. My paper ballot shows up in my mailbox. I don’t have to
>even get dressed or leave my home to vote. And there’s a clear paper
>record of my vote as well. All states should do this, IMO.

How is your identity verified?

In my opinion if anyone wants to vote they should go to the ballot and
pull levers or fill out paper ballots, no electronic voting. If they
are laid up or home bound an election commission representative can go
to them and verify their identity and have them fill out ballots.

[Arlen _ Holder]

On Tue, 1 Oct 2019 15:58:41 +0000 (UTC), badgolferman wrote:

> How is your identity verified?
>
> In my opinion if anyone wants to vote they should go to the ballot and
> pull levers or fill out paper ballots, no electronic voting. If they
> are laid up or home bound an election commission representative can go
> to them and verify their identity and have them fill out ballots.

Out here, in California, in the mountains, EVERYONE has a paper ballot.
o Everyone

There is no polling station for us.
o It's all mail.

Always.

I have so many ballets sent to me each time, it's not funny.
o Vietnamese, Spanish, Mandarin, you name it - they send it.

Each ballot in a separate envelope.

Lots of names too.
o All the same (or similar) address though.

As they all arrive in my mailbox.

[Your Name]

On 2019-10-01 09:02:41 +0000, Arlen _ Holder said:
> On Mon, 30 Sep 2019 18:23:08 -0400, nospam wrote:
>
>> ftfy
>
> The important fact for adults to comprehend is that Apple doesn't test
> iPhones sufficiently.
>
> "it took only two seconds to crack the [iPhone X]"
>
> "This allows almost all Apple A11 and all previous chips to
> be jailbroken at any time."
>

> o NEW ĄUNREPAIRABLEĒ APPLE CHIP VULNERABILITY ALLOWS IPHONE TO JAILBREAK
> <https://www.gizchina.com/2019/09/30/new-unrepairable-apple-chip-vulnerability-allows-iphone-to-jailbreak/>
>

The brainless dumbass changes his name yet again. What an immature moron. :-\

[Arlen G. Holder]

On Wed, 2 Oct 2019 13:33:36 +1300, Your Name wrote:

> The brainless dumbass changes his name yet again. What an immature moron. :-\

Each time you post, I appreciate that you remind me to flip the switch.
o In addition, read the related news about Apple's chronic lack of testing.

What this proves, yet again, is Apple forgot to test what they release.
o Worse, Apple REBROKE their own software - TWICE - due to incompetence.

o The iOS Checkm8 jailbreak is hugely significant
<https://www.wired.co.uk/article/ios-jailbreak-checkm8-iphone>

The diarrhea never seems to end with Apple, where they can't even patch
this flaw that they kept forgetting to test for, year, after year.

Back in August, Apple released an iOS 12.4 update which unpatched a
jailbreak vulnerability which took advantage of the ˉSockPuppetˇ flaw, and
was swiftly patched by a red-faced Apple. While embarrassing, that mistake
pales in comparison to the recent vulnerability of Checkm8.

The flaw affects an eye-watering number of iOS devices, from devices with
an A5 chip all the way to those with the A11 chip, meaning iOS devices such
as undeniably ancient iPhone 4S all the way to the  still relatively new 
iPhone X

¨Certain users like to do more with iOS than what Apple allows. They like
the hardware and software but find the restrictions too limiting,〃

See also:
o The unprecedented iPhone jailbreak is a huge deal for Apple
"The iOS 12.4 jailbreak is a huge error by Apple"
<https://www.wired.co.uk/article/iphone-jailbreak-ios-12-4-update>

What this proves, yet again, is Apple forgot to test what they release.
o Worse, Apple REBROKE their own software - TWICE - due to incompetence.

"Apple first fixed the problem in iOS 12.3 but reintroduced it in the
latest version of its code, iOS 12.4, which was released in June. In doing
so, Apple has inadvertently made it easier to jailbreak and hack its own
product. This weakness let an attacker corrupt the phone's kernel memory,
allowing a security researcher, called Pwn20wnd, to develop and publish an
iPhone jailbreak."

[Your Name]

On 2019-10-02 06:37:08 +0000, Arlen G. Holder said:
> On Wed, 2 Oct 2019 13:33:36 +1300, Your Name wrote:
>> The brainless dumbass changes his name yet again. What an immature moron. :-\
>
> Each time you post, I appreciate that you remind me to flip the switch.

Moronic little asswipe troll. :-\

[Leonard Blaisdell]

In article <gvhka5...@mid.individual.net>, Jolly Roger
<jolly...@pobox.com> wrote:

> On 2019-10-01, badgolferman <REMOVETHISb...@gmail.com> wrote:

> > Jolly Roger wrote:

> > How is your identity verified?
>

> Efficiently and effectively. My signature is on file. Only my wife and I
> live at this address. And I can view my registration and track my ballot
> online anytime I want. Everyone here who is eligible to vote is
> automatically registered when they obtain or renew their drivers
> license after showing proof of citizenship. There's no chance of
> hacking with a paper ballot and no machine in the middle. Despite your
> "fears", voter fraud is very low here, and violators are prosecuted.

>
> > In my opinion if anyone wants to vote they should go to
>

> Fuck that. I don't have to leave the house as it is. That would be a
> huge step backwards. You go ahead and drive around and stand in long
> lines if you want to. Don't impose that bullshit on the rest of us.

>
> > If they are laid up or home bound an election commission
> > representative can go to them and verify their identity and have them
> > fill out ballots.
>

> Ridiculous.

Absentee ballots are convenient. They are also begging for fraud.
Anybody ->(not you)<- can sell their vote when it's mailed to them. The
co-fraudster just has you sign your ballot, remunerates you, fills the
ballot in as they please and mails it in. I would be happy to be wrong
on my premise and open to education on the subject.
The world is full of crooks promoting their cause by any means
necessary.

leo

[Arlen .g. Holder]

On Wed, 2 Oct 2019 19:50:36 +1300, Your Name wrote:

> Moronic little asswipe troll. :-\

On Wed, 2 Oct 2019 19:50:36 +1300, in misc.phone.mobile.iphone you wrote:

> Moronic little asswipe troll. :-\

Hi YourName,

I love when you apologists post because you prove me right - every time!
o You react to well-cited facts with instant vitriolic hatred

Why?
o I don't know why.

I think facts conflict with what Apple marketing fed you to believe.

FACTS:
o The exploit affects flawed A5 iOS devices, to the flawed A11 series.
o The flaw is built into iPhone 4S to iPhone X, including the flawed iPad 2
o The vulnerability even affects the flawed 5th gen iPod Touch

ASSESSMENTS:
o Apple's lack of sufficient testing allows downgrading iOS versions
o Due to Apple's lack of testing, you can now dual-boot iOS devices
o Apple lack of Quality Assurance (i.e., no QA) allows custom firmware

--
PS: Thanks for consistently reminding me when to change; much appreciated.

[Jolly Roger]

Get back to us when you can prove it’s a statistically significant problem.
Don’t worry. I won’t hold my breath or anything. Meanwhile, you’ll just
have to deal with the fact that I have no lines to stand in, and my votes
are counted and traceable.

[Arlen Holder]

On 29 Sep 2019 15:52:25 GMT, Jolly Roger wrote:

> <https://appleinsider.com/articles/19/09/28/the-checkm8-exploit-isnt-a-big-deal-to-iphone-or-ipad-users-and-heres-why>
>
> The 'Checkm8' exploit isn't a big deal to iPhone or iPad users, and here's why

Regarding Jolly Roger's thread:
o The 'Checkm8' exploit isn't a big deal to iPhone or iPad users, and here's why
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/cwlXKVyQfT4/fXuvPGxTCgAJ>

Notice Jolly Roger "claims" that Checkm8 is "not a big deal", and yet, it
is _clearly_ a big deal, as the recent Saudi Arabian incident shows.
o WSJ: *Investigators Say iPhone Easier to Crack*
<https://www.wsj.com/articles/as-justice-department-pressures-apple-investigators-say-iphone-easier-to-crack-11579010143>

"Cellebrite has been able to gain access to data on the iPhone 5
since at least 2015..."

"Forensic tools used to hack into iPhones have been enhanced recently,
*thanks to software called Checkm8 that exploits a vulnerability* in
Apple's hardware. *It allows forensics tools to download data*, such
as deleted files, *that is often hidden from even the users* of the
iPhone"

"A forensics tool built with Checkm8 works on all iPhone devices from
the iPhone 5s to the iPhone X, and exploits a hardware bug that
Apple is unable to patch"

Notice the Apple Apologists like Jolly Roger, Lloyd Parsons (and all his
socks), nospam, Lewis, YourName, et al., all don't comprehend even this,
one of the most basic of facts about the unrepairable Checkm8 exploit.

It's one of the reasons that iPhone exploits are so cheap nowadays:
o Why zero day Android exploits cost far more than zero day iOS exploits
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/9koS-SuRqgw>

There's are so many, it's harder to break Android nowadays, than iOS.

--
Apologists always downplay the very many serious iOS vulnerabilities.

[Arlen Holder]

o Yet again, apologists Jolly Roger (& Lloyd Parsons & nospam & Your Name
& Lewis) prove to not own adult cognitive skills
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/10dBShPJK9s>

For years, I've studied the quixotic apologists who prove, time and again,
to not appear to adult cognitive skills.

The proof is that Apologists' belief systems are completely imaginary.

Case in point, yet again, these 5 canonical apologists easily prove to
clearly not own adult cognitive skills.
o Jolly Roger
o Lloyd Parsons
o nospam
o YourName
o Lewis

Apologists are not like normal adults when it comes to...
a. Facts
b. Assessment of those facts
c. Forming imaginary belief systems

I think this huge flaw in apologists' cognition is why apologists migrate
so wonderfully to (admittedly brilliant) APPLE MARKETING messaging.

Yet again, it's trivial to show, unlike with normal adults, apologists are
utterly _immune_ to facts - such that their underlying belief systems turn
out almost always to be wholly imaginary (mostly based on APPLE MARKETING
instead of being based on logic, sense, & rational factual assessments).

FACT:
The quintessential Apple apologist, Jolly Roger, posted recently:
o *The 'Checkm8' exploit isn't a big deal to iPhone or iPad users, and here's why*
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/cwlXKVyQfT4/fXuvPGxTCgAJ>
which the canonical apologists listed above, all mirrored.

ASSESSMENT:
o Trump, Barr, and the FBI do not need Apple to unlock iPhones
<https://www.phonearena.com/news/fbi-does-not-need-apple-to-unlock-terrorists-iphones_id121625>

o iPhone Hacking Firm Updates Tool in Midst of Apple-FBI Spat
<https://www.bloomberg.com/news/articles/2020-01-14/iphone-hacking-firm-updates-tool-in-midst-of-apple-fbi-spat>

Celebrite wrote to its customers this week:
"'For the first time ever, a wealth of previously untapped data sets from
iOS devices can be leveraged to change the course of investigations,'

"'This update allows you to quickly perform a forensically sound
temporary jailbreak and full file system extraction within one streamlined
workflow.'"

"*The tool uses an exploit called _Checkm8_* that allows access to chips
running on iPhones released between 2011 and 2017. Cellebrite... said its
latest version of the tool works with the iPhone 5S, first sold in 2013,
through the iPhone X, sold in 2017."

Yet again, apologists Jolly Roger (& Lloyd Parsons & nospam & Your Name &
Lewis) prove to not own adult cognitive skills.

--
Apologists easily prove to not appear to own adult cognitive skills.

[Arlen Holder]

On Sat, 18 Jan 2020 18:15:41 -0000 (UTC), Arlen Holder wrote:

> o Yet again, apologists Jolly Roger (& Lloyd Parsons & nospam & Your Name
> & Lewis) prove to not own adult cognitive skills
> <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/10dBShPJK9s>

> For years, I've studied the quixotic apologists who prove, time and again,
> to not appear to adult cognitive skills.

On Sat, 18 Jan 2020 12:37:10 -0800, Alan Baker wrote:

> Why aren't you competent enough to link to the specific post

Hi Alan Baker,

I'm going to answer your query as if you own the brain of an adult.

FACTS.
o *Checkm8 is damn severe & yet, apologists are oblivious to that fact.*
ASSESSMENT.
o *Yet again, apologists prove to not own adult cognitive capabilities.*

Of the score of apologists, the fact is that 1/4 proved to NOT own adult
comprehensive skills in that thread, whether you like that fact or not.
o *Apologists (yet again) prove to be utterly _immune_ to facts, and,*
o *Apologists (yet again) prove to form wholly imaginary belief systems.*

The facts clearly prove that _adult_ assessment...
o Apologists prove, time & again, to own the cognitive skills of a child.

Below are the exact posts from each of the five aforementioned apologists.
o Show me just once where they showed "normal" adult communication skills.

These five apologists proved, yet again, to own a child's cognitive skills.

In order of posting, those five known child-like apologists clearly proved
(yet again) to act exactly like children do, in the face of what is
clearly, a permanent threat to the security & privacy of iPhones.

o Jolly Roger
o Lloyd Parsons
o nospam
o Your Name
o Lewis

In order of posting, here are references proving that simple fact that
fully 1/4 of the known Apple Apologists on this newsgroup proved, in that
thread, yet again, to not own the cognitive skills of a normal adult.
o Jolly Roger
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why>

o Lloyd Parsons
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post3>
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post5>

o nospam
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post6>
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post12>

o Your Name
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post10>
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post23>

o Lewis
<https://misc.phone.mobile.iphone.narkive.com/365fo343/the-checkm8-exploit-isn-t-a-big-deal-to-iphone-or-ipad-users-and-here-s-why#post14>

Clearly, any adult can see each of these apologists, when confronted with
facts, chose to act like a child, proving, yet again, apologists are not
like normal adults.

I posit that's why Apologists gravitate to Apple's marketing messaging
o Rather than to actual facts which normal adults easily comprehend.

Prove me wrong, Alan Baker...
o Not only do I speak adult facts; but I back up my adult facts with cites.

Show the adults on this newsgroup where, even once, in that thread, those
five apologists did NOT post as that of a child?
o Show us just once.

--
Bringing TRUTH to the Apple newsgroups, one factual assessment at a time.

[Arlen Holder]

On Sat, 25 Jan 2020 07:18:46 -0500, nospam wrote:

>> *And checkm8 is one hell of an exploit at that!*
>
> not really.
>
> yet another thing you don't understand.

Hi nospam,

*Apologists hate the fact that 85% of iOS devices are fatally compromised.*

The main difference between you apologists & adults is in two key areas:
a. fact
b. assessment

You apologists hate the fact that iPhones from 4s to X are fatally
compromised, which is something Apple marketing is quite mum about.
o Hence, your pure hatred of facts skews your assessments of them.

Yet...
o The fact apologists hate facts doesn't change they're still facts.

Here are facts from way back when checkm8 was _first_ discovered...
o *Checkm8 is a bootrom-level security exploit*
*that can be used against every iPhone from the 4S to the X*
<https://www.imore.com/understanding-checkm8-iphone-4s-iphone-x-bootrom-exploit>
*It's "bad for Apple and a black eye for iOS security"
"so far, every device with a bootrom that's exploited stays exploited.
And checkmate exploits every device with an A5 to A11 chipset"

And here are facts from now...

o *iOS Breakthrough Enables Lawful Access for Full File System Extraction*
<https://www.cellebrite.com/en/blog/ios-breakthrough-enables-lawful-access-for-full-file-system-extraction/>

"Every now and then, there is an iOS forensic breakthrough that is truly
impactful. This happened recently when an access point was discovered that
will help examiners handle the complex challenge of full file system
extraction. *Using the new checkm8 access point*, forensic examiners will
now be able to gain lawful access to iOS devices to extract more digital
evidence."

In summary...
o *The fact apologists hate facts doesn't change they're still facts.*

--
Apologists hate the fact that 85% of iOS devices are fatally compromised.

[Arlen Holder]

On 29 Sep 2019 15:52:25 GMT, Jolly Roger wrote:

> <https://appleinsider.com/articles/19/09/28/the-checkm8-exploit-isnt-a-big-deal-to-iphone-or-ipad-users-and-heres-why>
>

> The 'Checkm8' exploit isn't a big deal to iPhone or iPad users, and here's why
>

> ---
> On Friday morning, news ¡Xand bad headlines ¡Xstarted circulating about an
> exploit ranging from the iPhone X all the way back to the iPhone 4s.
> But, despite the typical mass-media responses to the news, the exploit
> will have effectively zero impact on the consumer. Here's why.
>
> Apple's iPhone 5c, the last without a Secure Enclave
>
> On Friday morning, hacker axi0mX revealed the "Checkm8" exploit. For the
> first time in nearly a decade, this particular vector is aimed at the
> boot ROM in an iPhone or iPad, as opposed to trying to pry open the iOS
> software.
>
> A series of tweets broke down the exploit ¡Xand spelled out some
> limitations and answers about the exploit. Cue Internet drama.
>
> <https://twitter.com/axi0mX/status/1177542201670168576>
>
> User vulnerability?
>
> The Checkm8 exploit isn't a drive-by attack. A user can't visit a
> website and be targeted for malware installation. The exploit isn't
> persistent, meaning that every time the iPhone is rebooted, the attack
> vector is closed again.
>
> Earlier iPhones, from the iPhone 5c and earlier, lack a Secure Enclave.
> If you surrender access to your phone, a dedicated assailant can extract
> your iPhone PIN. But, phones with a Secure Enclave ¡Xeverything from the
> iPhone 5s and on ¡Xcannot be attacked in such a manner.
>
> Furthermore, the exploit is tethered. That means that an iPhone or iPad
> needs to be connected to a host computer, put into DFU mode, and
> exploited that way ¡Xand the exploit doesn't always work, relying on a
> "race condition" according to Checkm8.
>
> Software like keyloggers or other malware could theoretically be
> installed following an attack. But, other mechanisms that Apple has put
> into place will defeat that, following a device reboot.
>
> Apple has implemented what's called a "Secure bootchain." In short,
> there are steps at every part of iOS software implication that check the
> integrity of the previous step ¡Xand some that check the next step ¡Xto be
> sure that the phone is safe. The secure bootchain checks wouldn't allow
> software that doesn't comply to function after a hard reboot of an
> iPhone.
>
> We've gleaned this information above from Apple in the hours following
> the exploit's release. The developer axi0mX confirmed these findings,
> and discussed the implications further in an Ars Technica interview on
> Saturday morning.
>
> <https://arstechnica.com/information-technology/2019/09/developer-of-checkm8-explains-why-idevice-jailbreak-exploit-is-a-game-changer/>
>
> All this said, in short, a user has to either specifically want to do
> this procedure to their iPhone and take the steps to execute them, or be
> careless with device physical security and be specifically targeted by
> an assailant for it to be of any real concern.
>
> If you're really worried about it, it's time to ditch the iPhone 5c or
> older that you may be hanging on to. And, you can always completely shut
> down your iPhone after you've left it unattended for any period of time.
>
> A reboot will not just flush out the exploit, but also break any
> software that may have been installed in your absence.
>
> Jailbreaking is fine!
>
> We're not opposed to jailbreaking here at AppleInsider. A few staffers
> have done it in the past.
>
> AppleInsider doesn't generally cover jailbreak exploits. In the
> cat-and-mouse game that is constantly raging between Apple and the
> jailbreak community, information published today is often outdated
> tomorrow. This isn't much different than that in actuality, but it got a
> much wider audience outside of the tech media.
>
> In that media, in the very few hours after the Checkm8 exploit was
> revealed, there has been a lot of fear, paranoia, and finger-pointing
> done across the internet. There is no real reason for it at all.
> Fortunately, as of yet, there haven't been any "nasty secret" style
> headlines regarding this matter. We're sure that some content management
> system someplace has one stored, though, and we're also pretty sure we
> know who's going to do it first.
>
> Most of the headlines are right. This is a big deal for the jailbreak
> community. We don't think it's a bad thing at all. Because of
> limitations for assailants, it just makes no difference to nearly every
> iPhone or iPad user outside of that community, though.

>
> If you take anything away from this, it should be that your are no less
> safe today from the reveal of Checkm8 than you were yesterday, or the

> day before, or four years ago. Malware can't exploit it at all, and if
> you maintain physical security of your iPhone 5S and newer, then your
> passcode ¡Xand your data ¡Xremains safe.
> ---

Update on this exploit Jolly Roger claims is no big deal...
o Apologists _hate_ what Apple is, so they brazenly deny what Apple does.

o Let's talk about a vulnerability that's completely exposing your macOS devices
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>

"In case you are using a recent macOS device, you are probably using the
embedded T2 security chip which runs bridgeOS and is actually based on
watchOS. This is a custom ARM processor designed by Apple based on the A10
CPU found in the iPhone 7. The T2 chip contains a Secure Enclave Processor
(SEP), much like the A-series processor in your iPhone will contain a SEP."
o "*The root of trust on macOS is inherently broken*"
o "They can bruteforce your FileVault2 volume password"
o "They can alter your macOS installation"
o "They can load arbitrary kernel extensions"

See also:
o Yet another of the never-ending plethora of unpatchable security flaws
in Apple's chips widely reported in the news today
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/Hgk2W8buyac>
--
The plethora of unpatchable flaws existing in Apple chips is astounding.