Legit-Looking iPhone Lightning Cables That Hack You Will Be MassProduced and Sold

So much for Apple security.

https://www.vice.com/en_us/article/3...ple-lightning-
cable-hacks-your-computer-omg-cable-mass-produced-sold

On 10/1/2019 2:25 AM, Nomen Nescio wrote:
So much for Apple security.

https://www.vice.com/en_us/article/3...ple-lightning-
cable-hacks-your-computer-omg-cable-mass-produced-sold

You can't blame Apple for this. And how many people are going to buy a
$200 cable to swap with a real cable in the hope that someone does a
wired connection between an iPhone and a Mac's USB-A port?

So much for Apple security.

https://www.vice.com/en_us/article/3...ple-lightning-
cable-hacks-your-computer-omg-cable-mass-produced-sold

Not long after the Iphone came out, it was discovered that Jobs was spying on Apple phone data. I naver have had an Iphone or Apple computer as a result. Apple was rotten to the core from the beginning. Now they even have a fag for a president. I guess that is fitting for a company started by a *******.

In article , anon wrote:

Not long after the Iphone came out, it was discovered that Jobs was spying
on Apple phone data.

nonsense.

I naver have had an Iphone or Apple computer as a
result. Apple was rotten to the core from the beginning. Now they even have
a fag for a president. I guess that is fitting for a company started by a *******.

even more nonsense.

troll elsewhere.

On Tue, 1 Oct 2019 06:27:44 -0700, sms wrote:

https://www.vice.com/en_us/article/3...ple-lightning-
cable-hacks-your-computer-omg-cable-mass-produced-sold

You can't blame Apple for this. And how many people are going to buy a
$200 cable to swap with a real cable in the hope that someone does a
wired connection between an iPhone and a Mac's USB-A port?

Hi Steve,

I think the entire point is that the cable will be mass produced...
o Such that it won't be $200 - but - oh - say - $2 (or whatever).

I have the OP plonked (one of the rare people, such as Snit) where I just
skimmed the VICE reference in your quoted content...
https://www.vice.com/en_us/article/3kx5nk/fake-apple-lightning-cable-hacks-your-computer-omg-cable-mass-produced-sold

Assuming that's the cite, this is the quote, I guess, that starts it all:
"It charges phones & transfers data in the same way an Apple cable does,
but it also contains a wireless hotspot that a hacker can connect to...
It's like being able to sit at the keyboard and mouse of the victim
but without actually being there"

Assuming it works (there's nothing in the article that intimates
otherwise), I think the problem here is that people "can" easily switch
cables on innocent victims in so many ways that, if they mass produced a
million cables, they'd easily attain nearly a million victims (unless
there's something obvious about the cable that screams out "red flag" - and
even then, they'd still get a quarter million victims (the Nigerian email
scam gets people according to the US state department web site last I
checked).

I predict Apple will spin this, at the appropriate time, into a marketing
coup, just as they callously did with the dead Chinese lady - where I can't
blame Apple since they charge an order of magnitude more for their crappy
short too-thin cables than I pay at Fryes for mine (which are better in
many ways than anything Apple has ever produced).

In short, the danger isn't the $200 cable ... but the $2 mass-produced
cable, which was the entire point of the story - clearly.

Think about what could happen then...

--
I don't see why this couldn't also work for Android - wouldn't it?

On Tue, 01 Oct 2019 12:26:53 -0400, nospam wrote:

even more nonsense.

Tim Cook is a proven brazen liar, but otherwise, his personal life has no
bearing in this conversation.

What may have bearing though, is this discussion was carried over by JF
Mezei onto the iPhone groups just now... at
o Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced
https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/pfrko22s4Fo

On 2019-10-01 05:25, Nomen Nescio wrote:
So much for Apple security.

https://www.vice.com/en_us/article/3...ple-lightning-
cable-hacks-your-computer-omg-cable-mass-produced-sold


In order for this to work, the cable must be connected to both an
iPhone/iPad and a computer. It works wirelessly, so the remote hacker
has got to be within 802.11 range of the cable. Someone would probably
notice the new wireless access point. Hmm. What if I took it home? Well,
_I_ would notice the new WAP. Okay, the cable can link to an existing
WAP and piggy-back its internet connection, so that the hacker can sit
at home and not know or care where I am. Except... it's trivial to set
even home WAPs to require access codes (no, not the simple default
things, but real access codes) and no-one gets onto the work network
without being on Active Directory. The WAP in the cable can't get to the
internet from work. As it happens, I have an ancient WinServer 2008 R2
system running Active Directory at home, 'cause I like AD and that
license was originally a WinServer 2003 license and was a freebie from
the local Microsoft people to try to get me to buy a lot of Microsoft
goodies. (Didn't work, but I kept the freebies.) No-one can get in or
out of the network without my letting them in explicitly. Even John
Public can set up a similar system if they have a good WAP. (AT&T uses
Pace units; Google is your friend, and you can find how to do all kinds
of settings on the newer versions. Comcast also has some units which can
be played with, if the user wants to.) You don't need Active Directory,
though it helps.

This think works only if the user buys the cable and has not set up even
the barest minimum local security. It does not work if the user doesn't
buy the cable because they buy from people who have something to lose if
they are caught selling hacking tools which allow remote access to
random users.

In other words, it's not a real threat.