Amid the other new features in iOS 14.5, Apple has also implemented changes to how it secures the code running in iOS. As reported by Motherboard, the changes Apple has made behind the scenes here will make it harder for hackers to develop zero-click exploits.
The report cites multiple security researchers who believe that these changes will make zero-click exploits harder. These are exploits that allow hackers to gain control of a user’s iPhone without any interaction from that user.
The change centers on Pointer Authentication Codes (PAC), a cryptographic security feature that Apple has used since 2018. With iOS 14.5, Apple has extended this to something called ISA pointers:
ISA pointers are a related feature of iOS’s code that tells a program what code to use when it runs. Until now, they were not protected with PAC, as Samuel Groß from Google Project Zero explained last year. By using cryptography to sign these pointers, Apple extended PAC protections to ISA pointers.
One security researcher told Motherboard that this change is worrying many iPhone hackers because “some techniques are now irretrievably lost.”
“It will definitely make 0-clicks harder. Sandbox escapes too. Significantly harder,” a source who develops exploits for government customers told Motherboard, referring to “sandboxes” which isolate applications from each other in an attempt to stop code from one program interacting with the wider operating system. Motherboard granted multiple exploit developers anonymity to speak more candidly about sensitive industry issues.
That being said, jailbreak developer Jamie Bishop said the changes are unlikely to fully weed out zero-click attacks, and will instead raise their cost:
“When there’s a will there’s a way—there’s always going to be bugs of some sort, whether that be in PAC or whether it be a completely different exploitation strategy,” Jamie Bishop, one of the developers of the popular jailbreak Checkra1n, told Motherboard in an online chat. “This mitigation in reality probably just raises the cost of 0clicks, but a determined attacker with a lot of resources would still be able to pull it off.”
Apple confirmed to Motherboard that these changes will make zero-click exploits harder, though it clarified that the “security of the device is dependent on dialing up multiple mitigations at once, rather than a single item.”
You can find the full report over at Motherboard with more details. iOS 14.5 is expected to be released to the public sometime in the spring.