Sunday, 29 September 2019

Google Draws House Antitrust Scrutiny of Internet Protocol - The Wall Street Journal

Google’s plans have raised concerns among investigators of the House Judiciary Committee. Photo: reuters staff/Reuters

Congressional antitrust investigators are scrutinizing plans by Google to use a new internet protocol, concerned that it could give the company a competitive advantage by making it harder for others to access consumer data.

In a letter this month, investigators for the House Judiciary Committee asked Google for information about its “decision regarding whether to adopt or promote the adoption” of the protocol, which the Alphabet Inc. company says is aimed at improving internet security.

House investigators are also asking whether data collected or processed through the new protocol will be used by Google for any commercial purposes, according to the Sept. 13 letter.

The Justice Department is aware of concerns over the protocol change and has recently received complaints, according to a person familiar with the matter.

The new standard would encrypt internet traffic to improve security, which could help prevent hackers from spoofing or snooping on websites.

But the new standard could alter the internet’s competitive landscape, cable and wireless companies say. They fear being shut out from much of user data if browser users move wholesale to this new standard, which many internet service providers don’t currently support.

“Right now, each internet service provider has insight into the traffic of their users, and that’s going to shift” as a result of the change, said Andy Ellis, chief security officer at Akamai Technologies Inc., which provides internet services to corporations, but doesn’t support the new standard.

Google, which has vast troves of consumer data thanks to its domination of search, plans to begin testing the navigation protocol with about 1% of its Chrome browser users next month, a first step toward more widespread adoption of the new technology.

Google says that it is supporting the new technology to improve users’ security and privacy and that its browser changes will leave consumers in charge of who shares their internet surfing data.

Many internet service providers don’t support the new standard, and those providers fear losing access to a valuable data source if browser makers such as Google compel their customers to switch, something Google says it has no plans to do.

The new standard modernizes a fundamental building block of the internet known as the domain name system, or DNS. This software takes a user’s electronic request for a website name such as wsj.com and, much like a telephone book, provides the series of internet protocol address numbers used by computers.

Google and another browser maker, Mozilla Corp., want to encrypt DNS. Doing so could help prevent hackers from spoofing or snooping on the websites that users visit, for example. Such a move could complicate government agencies’ efforts to spy on internet traffic. But it could prevent service providers who don’t support the new standard from observing user behavior in gathering data.

Like Google, Mozilla’s Firefox is planning a small-scale rollout of the protocol, expected to start in the coming weeks. Firefox is planning eventually to move most U.S. consumer users to the new standard, perhaps as early as year’s end.

Mozilla is taking a more aggressive approach than Google. It will move most consumers—but not corporate users who use providers such as Akamai—to the new standard automatically, even if the change involves switching their DNS service providers. That would shift DNS services used by consumers away from such companies as Comcast Corp. and AT&T Inc.

Mozilla sees the antitrust concerns raised about Google as “fundamentally misleading,” according to Marshall Erwin, Mozilla’s senior director of trust and safety.

Service providers are raising these concerns to undermine the new standard and ensure that they have continued access to DNS data, he said.

While Google is taking a less-aggressive approach than Mozilla, the long-term impact of the change could be enormous. Google’s Chrome has about 64% of the world-wide browser market, according to StatCounter, the internet data tool.

Because Google operates its own DNS service, known as Google Public DNS, some are concerned that the DNS upgrade could ultimately concentrate too much of the internet’s traffic in the hands of Google.

Internet service providers have recently stepped up their criticism over the issue, with some speculating that Google too might emulate Firefox’s more aggressive approach, which gives the browser maker control over which DNS service is used.

“Because the majority of world-wide internet traffic…runs through the Chrome browser or the Android operating system, Google could become the overwhelmingly predominant DNS lookup provider,” a coalition of internet service providers said in a Sept. 19 letter to lawmakers. “Google would acquire greater control over user data across networks and devices around the world. This could inhibit competitors and possibly foreclose competition in advertising and other industries.”

They urged lawmakers to call on Google not to impose the new standard as a default standard in Chrome and Android.

A House Energy and Commerce Committee spokesman said the panel has “heard from stakeholders on all sides of this issue” and is following it closely.

Giving Google an unfair advantage in user data isn’t the only concern being raised. Some also contend that the new system could harm security by bypassing parental controls and filters that have been developed under the current, unencrypted system. That has been an issue in the U.K.

Write to John D. McKinnon at john.mckinnon@wsj.com and Robert McMillan at Robert.Mcmillan@wsj.com

Copyright ©2019 Dow Jones & Company, Inc. All Rights Reserved.

https://www.wsj.com/articles/google-draws-house-antitrust-scrutiny-of-internet-protocol-11569765637

2019-09-29 15:30:00Z

Malware uses web apps to turn PCs into conduits for attacks - Engadget

It's not just botnets that can hijack PCs for nefarious ends. Microsoft and Cisco's Talos researchers have identified a new malware strain, Nodersok (or Divergent), that uses web apps to turn systems into proxies for malicious internet traffic. The attack gets victims to run an HTA (HTML application) file through a rogue ad or download, launching a complex sequence of events. JavaScript in the HTA downloads a separate JavaScript file, and that in turn runs a PowerShell command that downloads and runs a whole host of tools, including ones that disable Windows Defender, ask for more control, capture data packets and create the intended proxy.

Crucially, the infection relies on legitimate programs to accomplish its task, whether they're built into Windows or downloaded from third parties. There are no malware programs copied to storage. The approach makes it harder for security teams to research the code and devise countermeasures.

It's not certain who's behind Nodersok. It appears to be meant for everyday criminals rather than hostile countries, however. Cisco believed that it was "primarily designed" for click fraud, or the practice of automatically generating ad clicks to boost revenue from websites. Most targets are typical consumers in Europe and the US rather than corporate or government users.

Both Microsoft and Cisco are keen to tout the ability of their enterprise-grade defense systems to thwart the malware. Most people don't have access to those resources, though, and conventional signature-based antivirus software has a much harder time. Nodersok has targeted "thousands of machines" in recent weeks, according to Microsoft, and that might not let up in the near future.

Via: ZDNet
Source: Microsoft, Talos

https://www.engadget.com/2019/09/29/nodersok-malware-uses-web-apps/

2019-09-29 13:47:07Z

A Big Question About Prime Numbers Gets a Partial Answer - WIRED

https://www.wired.com/story/a-big-question-about-prime-numbers-gets-a-partial-answer/

2019-09-29 11:00:00Z

Algorithms help robot dogs trot more like real animals - Engadget

Robot dogs can move efficiently, but not all that naturally -- and no, twerking doesn't count. Virginia Tech researchers think they can do better. They're developing a combination of algorithms and sensors that help robots move with gaits more like those of real animals. The system mimics the behavior of vertebrates, whose balance control comes largely from oscillating neurons in the spinal cord, using a combination of encoder sensors (to read relative positions for joints) and inertial measurement units (to measure the body's orientation relative to the ground). The result is a mechanical canine that can walk, run and trot with more grace and speed than usual.

Cameras and LiDAR are also present to help robots avoid collisions. This doesn't require dramatic changes to the bots themselves, at least. The test units are Ghost Robotics designs augmented with sensors to test the new algorithms.

The initial work has proven fruitful, but there's a lot of work left before you could see this in robots beyond the lab. Assistant professor and key researcher Kavel Hamed also stressed that it wasn't just about making the algorithms more effective -- they also have to be genuinely "bio-inspired." As such, it could be a while before there's a pet robot that moves just as smoothly as the real thing.


https://www.engadget.com/2019/09/29/robot-dog-natural-movement-algorithm/

2019-09-29 08:00:02Z

Saturday, 28 September 2019

Alexa’s real competition is still your phone screen - The Verge

One of the big themes we’ve been tracking for a few years now is Amazon’s various attempts to make Alexa useful outside your home. Amazon has a very good value proposition for customers inside their houses: Echo speakers are great for music, timers and such in the kitchen, and smarthome controls.

Amazon clearly has ambitions to make Alexa the leading platform for ambient computing. But to do that, it needs more ubiquity than it can achieve right now. That’s one reason that Amazon was so excited to announce a partnership with GM to make Alexa available on those cars. It’s also one reason I was surprised to see the company didn’t announce any updates to the Echo Auto.

But the most obvious way to do that is to be the default assistant on phones. Amazon is probably never going to get there, because Apple won’t allow it, for one thing. On Android you can switch out your default assistant from Google to Alexa, but the number of customers who realize that’s possible is small and the number who are likely to do it is even smaller.

I would like to say that the phone problem is Alexa’s biggest issue, but it’s not. It’s simply the easiest explanation for why any third-party technology is bad: without deep system-level access, third-party accessories and ecosystems end up failing on phones all the time. Alexa on phones is often more capable than it gets credit for — but it’s still nowhere near as good nor as integrated as the Google Assistant or even Siri.

To just blame closed ecosystems is too simplistic. There’s actually a chicken and egg problem here. Let’s call the chicken the lack of platform-level access on phones. The egg is that Alexa is often comically bad outside the home. Our Echo Auto review lays it out: Alexa regularly sends you down infuriating and circular discussion paths when you’re just trying to get something done.

It actually is possible to make Alexa somewhat useful in the car or even when you’re walking down the street, but you have to work at it a bit. You have to put more of your online life into Alexa’s hands, and right now the Alexa ecosystem can’t handle as much as Apple or Google can. Alexa is very good at smart home gadgets, lists, and a few other domains, but it feels very disconnected from the rest of the things in your digital life: your email, calendar, messages, and all the rest.

So while you can connect a lot of that up, how many people are really, fully living that “Alexa Life?” Whatever the number is, it’s probably not enough to start a virtuous cycle of Alexa use outside the home.

You might be familiar with the original “Siri Problem,” where you’d try it a few times and Siri would fail completely, so you’d give up on it. It took Siri years to get over that problem — and in some ways it still suffers from it. Siri isn’t great, but I think it’s better than its reputation for a lot of the simple things people ask of it.

I think the same sort of problem applies to Alexa outside the home, only solving it will be doubly hard because of the platform access problem.

All of which is a very long preamble to talking about the hardware products that I personally found the most intriguing at Amazon’s event. While the Echo speakers — especially the Echo Studio — are likely to be the things that are most popular in the next year, I think the Echo Buds, the Echo Frames, and the Echo Loop ring may be more important to Amazon’s future.

Don’t misread me: the “Day1” label put on the Frames and the Loop is a sign that these are very much beta products. They’re invite-only and they’re probably not going to be all that great to use. I tried the Loop out a few times and was not very impressed.

Plus, you have to be a particular kind of person to want to wear slightly-dorky looking accessories like the Frames or the Loop. If you are, you’re probably the kind of person who’s also more likely to go through the effort it takes to live that Alexa Life. If so, you’re the ideal person for Amazon to learn from. The Frames and the Loop are market research masquerading as consumer products.

But the Echo Buds are something different: they are genuinely mass-market and genuinely competitive to other wireless earbuds. They are aggressively (some might say predatorily) priced, feature-rich, and higher-quality than many first-gen Amazon products. We’ll need to do a full review to really judge them, but it’s hard not to see them as an effort to get you to use Alexa more.

Maybe. There are plenty of other Bluetooth headphones out in the world that already support Alexa and they aren’t exactly seen as a threat to Siri or Google. Even if the Echo Buds prove to be wildly popular, I suspect they’ll only add a modest bump to Alexa’s overall usage. Amazon will see what people are willing to ask Alexa while on the go, though, and use that to build more features going forward — just like it has with the Echo speakers in your house.

Alexa’s real competition outside the home isn’t the Google Assistant or Siri. It’s your thumbs and the screen you tap with them. If Amazon can get you to talk to your headphones and not pull your phone out of your pocket just once or twice a day, that’s a marginal win for Alexa.

Then again, if Amazon’s hardware efforts have taught us anything over the years, it has been that the company knows how to build a business off slim margins.


More from The Verge

+ Oculus is trying to make the Quest the only home headset that matters

Amazon’s big event wasn’t the only big tech event this week — the other was Oculus’ conference. As per usual, I need to disclose that my wife works for Oculus, so I’ll let Adi Robertson and Nick Statt’s coverage tell you what happened there:

If Oculus Link actually works, and you’re a normal person who likes to play or watch VR experiences at home, there’s basically no reason to buy anything but a Quest. It offers a huge jump in capabilities over the Oculus Go, which makes it easily worth the extra $200. (Almost nobody needs a VR headset right now. So if you’re going to get one, it’s worth spending more on something that expands your options so much.) Even if you primarily use VR with a gaming PC, the Quest adds a lot of functionality over a Rift S for the same $399 price. And it’s clearly where Oculus is focusing its efforts right now, so it might be faster to get future updates as well.

+ Oculus Link will let you plug your Quest headset into a gaming PC to play Rift games

+ Oculus is launching hand tracking on Quest next year

+ Facebook says it will build AR glasses and map the world

Pixel leaks: can’t stop won’t stop

A new Pixel 4 XL leak shows off next-gen Google Assistant and face unlock

Android 10 Go is a faster and more secure update to Google’s lightweight OS

OnePlus 7T review: the best of the 7 Pro, for less

List of apps supporting Pixel 4 motion gestures leaks

Amazon’s 80 announcements

+ Amazon event 2019: Echo Buds, Frames, Loop, Eero, Studio, Ring camera, and Alexa updates: This is a good roundup of everything that happened.

+ Amazon says last year’s microwave sold really well, so it now has made an Amazon Alexa Smart Oven.

+ Amazon’s new Echo Studio sounds like the future of smart speakers

Dan Seifert got an early exclusive look at this. Other than size, I can’t think of a single good reason to get a HomePod over this. I’d wait for a proper review, though, before buying.

+ How Amazon’s new Echos compare to other smart speakers

+ Amazon announces Fetch pet tracker that uses new Sidewalk networking - I have many thoughts about this, my piece about it will go up next week.


https://www.theverge.com/2019/9/28/20887378/amazon-alexa-competition-siri-google-assistant-echo-buds

2019-09-28 13:00:00Z

Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer - Ars Technica

The bootrom of an Apple Watch Series 3, as shown through a hex viewer. Yep, Apple Watches series 1, 2, and 3 are also vulnerable to Checkm8.

Often, when new iOS jailbreaks become public, the event is bittersweet. The exploit allowing people to bypass restrictions Apple puts into the mobile operating system allows hobbyists and researchers to customize their devices and gain valuable insights by peeking under the covers. That benefit is countered by the threat that the same jailbreak will give hackers a new way to install malware or unlock iPhones that are lost, stolen, or confiscated by unscrupulous authorities.

On Friday came the release of Checkm8. Unlike just about every jailbreak exploit released in the past nine years, it targets the iOS bootrom, which contains the very first code that’s executed when an iDevice is turned on. Because the bootrom is contained in read-only memory inside a chip, jailbreak vulnerabilities that reside here can’t be patched.

Checkm8 was developed by a hacker who uses the handle axi0mX. He’s the developer of another jailbreak-enabling exploit called alloc8 that was released in 2017. Because it was the first known iOS bootrom exploit in seven years, it was of intense interest to researchers, but it worked only on the iPhone 3GS, which was seven years old by the time alloc8 went public. The limitation gave the exploit little practical application.

Checkm8 is different. It works on 11 generations of iPhones, from the 4S to the X. While it doesn’t work on newer devices, Checkm8 can jailbreak hundreds of millions of devices in use today. And because the bootrom can’t be updated after the device is manufactured, Checkm8 will be able to jailbreak in perpetuity.

I wanted to learn how Checkm8 will shape the iPhone experience—particularly as it relates to security—so I spoke at length with axi0mX on Friday. Thomas Reed, director of Mac offerings at security firm Malwarebytes, joined me. The take-aways from the long-ranging interview are:

  • Checkm8 requires physical access to the phone. It can’t be remotely executed, even if combined with other exploits.
  • The exploit allows only tethered jailbreaks, meaning it lacks persistence. The exploit must be run each time an iDevice boots.
  • Checkm8 doesn’t bypass the protections offered by the Secure Enclave and Touch ID.
  • All of the above means people will be able to use Checkm8 to install malware only under very limited circumstances. The above also means that Checkm8 is unlikely to make it easier for people who find, steal or confiscate a vulnerable iPhone, but don’t have the unlock PIN, to access the data stored on it.
  • Checkm8 is going to benefit researchers, hobbyists, and hackers by providing a way not seen in almost a decade to access the lowest levels of iDevices.

Read on to hear, in axi0mX’s own words, why he believes this is the case:

Dan Goodin: Can we start with the broad details? Can you describe at a high level what Checkm8 is, or what it is not?

axi0mX: It is an exploit, and that means it can get around the protection that Apple built into the bootrom of most recent iPhones and iPads. It can compromise it so that you can execute any code at the bootrom level that you want. That is something that used to be common years ago, during the days of the first iPhone and iPhone 3G and iPhone 4. There were bootrom exploits [then] so that people could jailbreak their phone through the bootrom and that later would not be possible.

The last bootrom exploit that was released was for iPhone 4 back in 2010, I believe by Geohot. After that, it was not possible to exploit an iPhone at this level. All the jailbreaks [that] were done later on, [happened] once the operating system boots. The reason that bootrom is special is it’s part of the chip that Apple made for the phone, so whatever code is put there in the factory is going to be there for the rest of its life. So if there is any vulnerability inside the bootrom it cannot be patched.

Persistence and Secure Enclave

DG: When we talk about things that aren't patchable, we’re talking about the bug. What about the change to the device itself? Is that permanent, or once the phone is rebooted, does it go back to its original state?

A: This exploit works only in memory, so it doesn’t have anything that persists after reboot. Once you reboot the phone ... then your phone is back to an unexploited state. That doesn’t mean that you can’t do other things because you have full control of the device that would modify things. But the exploit itself does not actually perform any changes. It’s all until you reboot the device.

DG: In a scenario where either police or a thief obtains a vulnerable phone but doesn’t have an unlock PIN, are they going to be helped in any way by this exploit? Does this exploit allow them to access parts of this phone or do things with this phone that they couldn’t otherwise do?

A: The answer is it depends. Before Apple introduced the Secure Enclave and Touch ID in 2013, you didn’t have advanced security protections. So, for example, the [San Bernardino gunman’s] phone that was famously unlocked [by the FBI]—the iPhone 5c—that didn’t have Secure Enclave. So in that case this vulnerability would allow you to very quickly get the PIN and get access to all the data. But for pretty much all current phones, from iPhone 6 to iPhone 8, there is a Secure Enclave that protects your data if you don’t have the PIN.

My exploit does not affect the Secure Enclave at all. It only allows you to get code execution on the device. It doesn’t help you boot towards the PIN because that is protected by a separate system. But for older devices, which have been deprecated for a while now, for those devices like the iPhone 5, there is not a separate system, so in that case you could be able to [access data] quickly [without an unlock PIN].

DG: So this exploit isn’t going to be of much benefit to a person who has that device [with Secure Enclave] but does not have the PIN, right?

A: If by benefit you mean accessing your data, then yes that is correct. But it’s still possible they might have other goals than accessing your data, and in that case, it’s possible they would get some benefit.

DG: Are you talking about creating some sort of backdoor that once the owner puts in a PIN it would get sent to the attacker, or a scenario like that?

A: If, say, for example, you leave your phone in a hotel room, it's possible that someone did something to your phone that causes it to send all of the information to some bad actor’s computer.

DG: And that would happen after the legitimate owner returned and entered their PIN?

A: Yes, but that’s not really a scenario that I would worry much about, because attackers at that level … would be more likely to get you to go to a bad webpage or connect to a bad Wi-Fi hotspot in a remote exploit scenario. Attackers don’t like to be close. They want to be in the distance and hidden.

In this case [involving Checkm8], they would have to physically hold your device in their hand and would have to connect a cable to it. It requires access that most attackers would like to avoid.

This attack does not work remotely

DG: How likely or feasible is it for an attacker to chain Checkm8 to some other exploit to devise remote attacks?

A: It’s impossible. This attack does not work remotely. You have to have a cable connected to your device and put your device into DFU mode, and that requires you to hold buttons for a couple seconds in a correct way. It’s something that most people have never used. There is no feasible scenario where someone would be able to use this attack remotely.

If you want to talk [about] really hypothetical situations, if you’re a jailbreaker and you’re trying to use your exploit on your own computer and somehow your computer is compromised, it’s possible someone on your computer is going to deliver a different version of the exploit that does more stuff than what you want to do. But that is not a scenario that’s going to apply to most people. That is a scenario that is simply not practical.

Thomas Reed: Does the bootrom code that’s loaded into RAM get modified by the exploit, or is that not a requirement? Through this vulnerability would you need to make modifications to the bootrom code that’s loaded into RAM, or would that not be a factor, would that not be involved in the way the exploit works? I’m under the assumption that some of the code from the bootrom is loaded into RAM when it’s executed. Maybe I’m wrong about that.

A: The correct answer is that it’s complicated. The code that is used by the bootrom is all in read-only memory. It doesn’t need to get copied in order for it to be used. In order for my device to be able to do what I want, I want to also inject some custom code. In that case, I can’t write my code into the read-only memory, so my only option is to write it into RAM or in this case SRAM—which is the low-level memory that is used by the bootrom—and then have my injected code live in this small space. But the actual bootrom code itself does not get copied in there. It’s only the things that I added to my exploit.

TR: Can this be used to install any other code, any other programs that you wanted, with root-level permissions, so that you could install malware through this?

A: The correct answer is: it depends. When you decide to jailbreak your phone using this exploit, you can customize what Apple is doing. Apple has some advanced protections. A lot of their system is set up so that you don’t have malware running. If you decide to jailbreak, you’re going to get rid of some of the protections. Some people might make a jailbreak that keeps a lot of those protections, but it also allows you to remove protections. Other people might remove all protections altogether.

The jailbreak that you can make with this exploit always requires you to exploit the device fresh after reboot. So if you don’t use the exploit, your device will only boot to a clean install [version] of iOS. It’s not like you can install malware once and then have it stay forever if you’re not using the exploit because iOS has protections against that.

More about persistence

DG: Somebody could use Checkm8 to install a keylogger on a fully up-to-date iOS device, but the second that they rebooted the phone, that keylogger would be gone, right?

A: Correct. Or it wouldn’t work. They left the keylogger there, but iOS would just say: “This app is not authorized to run on this phone so I’m not going to run it.”

iOS devices have what’s called a secure bootchain. Starting from the bootrom, every single step is checked by the previous stage so that it is trusted. It always has a signature verified so that the phone only allows you to run software that is meant to be running. If you choose to break that chain of trust and run software that you want to run then exactly what you do will determine what else can happen. If you choose to not break the chain of trust and you simply use your phone the way that Apple wants you to use it, without jailbreaking it, then this chain of trust is secure. So malware will not be able to get around it the next time you boot your phone, because you are relying on the chain of trust.

You cannot actually persist using this exploit. The only way that you can break the chain of trust is if you manually do it every boot. So you have to be in DFU mode when you boot and then you have to connect a cable to your phone and then you have to run the exploit in order to jailbreak your phone. At that point you can do whatever you want. But in no case will that be the case if you…just boot normally. In that sense, it is not persistent.

TR: In the case of a company like Cellebrite or Grayshift getting your device and they want to capture data from it, as I understand it if you don’t have the key—which you wouldn’t because it’s in the Secure Enclave—a lot of the data is going to be encrypted and it’s not going to be accessible. It sounds like Checkm8 really wouldn’t be of much use to them. Is that correct, or would there be some things that they could do with it?

A: As a stand-alone exploit, the answer is no, they can’t do much with it. But it’s possible, perhaps likely, that they would use more than one exploit—they have an exploit chain—in order to do what they want to do. And in that case, they could use this one instead of another one that they have because maybe it’s faster, maybe they don’t have to worry about protecting it. So it’s possible that this could serve as a step that they take in order to crack the PIN code.

This does not give them anything that would directly be able to guess the PIN code without other exploits. I don’t know what they have. It’s possible that they just have one thing that they use, and in that case they probably would not use this in any way. But it’s also possible that this could replace one of the bugs that they use in order to do whatever they’re doing.

TR: I think the appeal of that would be that it’s something that Apple can’t patch. If they had an exploit chain that would give them access to a lot of devices.

DG: So this is more of an incremental development [for Cellebrite and Grayshift] as opposed to a game changer?

A: I don’t think that they can do anything today with Checkm8 that they couldn’t do yesterday [without Checkm8]. It’s just that yesterday maybe they would do it a slightly different way. I don’t think they gain anything from this release.

DG: What is it about the newer chipsets that prevents Checkm8 from working? Is it possible someone could tweak Checkm8 to make it work on these newer chipsets?

A: I think it’s unlikely. There were changes to make [newer chipsets] not exploitable. All I know is I can’t get it to work. For me it’s not something that I can do. What I do involves using multiple bugs. Some that are not serious might be required to access other bugs that are more serious. Because Apple patched some bugs in the newer phones, it can no longer be exploited as far as I know.

DG: So you don’t see much chance that somebody is going to chain Checkm8 to something else and be able to achieve the same result with newer iPhones?

A: I can’t say it’s impossible, and there are some really good hackers out there. It’s always possible. I think it’s unlikely. I know I couldn’t do it. The chance is always there, but I think it’s very unlikely.

A jailbreaking renaissance

If you have a few minutes, I have more things that you may find interesting:

Apple has been making jailbreaks very difficult. Things were much better a couple years ago. Before about 2016 there were regular jailbreaks that worked well and a lot of people could jailbreak your phone. That changed with iOS 9, and jailbreaks no longer had persistence and they were not even reliable, so you would have to try a couple of steps before the jailbreak worked. Jailbreaking became inaccessible to people because you couldn’t get a phone, even an older phone, and jailbreak it, and customize it, and make software that changes things about the phone. People were saying jailbreaking is dead because it’s not what it used to be.

Now, the reason [Checkm8] is so great for iOS jailbreakers is people will be able to just get an iPhone X and then be able to jailbreak it on any [iOS] version. That is great because that means anyone can decide to jailbreak and sit down at their computer, connect their phone, and be jailbroken in not much time.

Now, what I released today doesn’t allow you to jailbreak your phone completely with Cydia and other things you would expect from a jailbreak, but that will come soon. And you will be able to jailbreak your phone pretty much anytime you want and on the latest version. And that latest version part is also important, because in the past when people were jailbreaking phones, they had to stay on an older version of the operating system in order for it to have the vulnerabilities that they were using to jailbreak.

But now, with this technique, you will be able to use the latest version of iOS and still jailbreak your phone because you can run any version of iOS you want, so you can always have the latest security patches. You don’t have to stay on an older version that has security vulnerabilities just so you can jailbreak, and you won’t have to wait until a jailbreak is available. This is going to make jailbreaking a lot more accessible and a lot safer for everyone. That is one of the reasons I am very excited about this work.

A small group of people enjoy jailbreaking and they do it for fun because they like to tinker with their phone, or change the way it looks, or hack it. But there’s another group of people where, say, there’s an incident where you believe your email was hacked and you want to find out what happened. In that case you want to be able to look at the storage on your phone and see what kind of artifact do you get, and what kind of log files, and analyze what’s there to see if you can identify what happened. And if you were, say, the victim of an attempted hack, or maybe if the hack was successful, in order to get this forensic copy you need to be able to access the storage on a low level that’s not possible unless you jailbreak your phone.

In the past couple years, you couldn’t just jailbreak the phone on the latest version of iOS if you needed to for any reason. You would have to let the phone sit until it was finally jailbreakable and only then would you be able to do it. That changes now. If you need to see what’s happening on your phone, you can just jailbreak it one time with Checkm8 and then get a full forensic copy of your data and your log files and history. That’s one scenario.

Monitoring in real time

The other scenario is: sometimes people want to look for attackers, or things happening in real time. Say you go to a website [and] your phone will send traffic to various webservers and various webservers will send back files. If you are doing tracking in real time, you can see what’s happening. If you want to, say, explore what happens when your phone goes to a website, you can’t do that if you don’t have a jailbreak because Apple doesn’t give you the specific permissions that you need to see things happening at such a low level on your phone.

Now, anytime you want, you will be able to jailbreak your phone, either one time, or every single time, you will be able to analyze what’s happening in real time. Say you have traffic that is connecting to your phone from some country you don’t think should be connecting, like Russia, then you would know that something is happening right away. And you would be able to see it and block it. For people who do research … it was impossible to do that on iOS. You would need to have your own custom jailbreak, or you would have to have an old version of iOS, or you would have to wait until a jailbreak is available.

The things I just mentioned are things that I’m quite excited about, because the iOS jailbreak community is great and they’re going to benefit from this. It’s also going to help people who want to research either the security of iOS or the security of apps they’re using. All of that is going to benefit for the next couple of years.



https://arstechnica.com/information-technology/2019/09/developer-of-checkm8-explains-why-idevice-jailbreak-exploit-is-a-game-changer/

2019-09-28 11:00:00Z

Apple's 7th-gen iPad gets bigger but keeps the same size battery - Engadget


In case you forgot, the iPhone 11 and Apple Watch weren't the only new hardware Apple showed off at its big event a couple of weeks ago; it also upgraded the base iPad line. Now in its seventh generation, the "most popular" iPad that Apple sells has grown from 9.7 to 10.2 inches, ships with iPadOS and adds a connector to support the company's still-pricey keyboard add-on.

The folks at iFixit attacked the new model with their assortment of tools, and found that despite the new size, inside it's still very similar to the previous model. Unlike the iPhone 11 Pro Max, for example, which made room for a larger battery than ever before, this new iPad has a unit that's the same size as its predecessor at 8,827mAh or 32.9 watt hours, and presumably relies on other tweaks to the hardware and software to achieve its extra hour of estimated battery life.


The new iPad does include 3GB of RAM, an extra gig compared to the sixth gen models, and nice to have at its $329 starting price. The display is obviously larger, and iFixit notes that it's still set up for easier replacements than the unit used on Apple's Pro tablets, if you're into DIY repairs. The iPad doesn't make for as exciting of a teardown as smaller units, but it's still new for 2019, so take a peek at the inside below.

Source: iFixit


https://www.engadget.com/2019/09/28/ipad-7th-generation-teardown/

2019-09-28 10:09:29Z