undefined | Better HN

0 pointsthrowaway2902y ago0 comments

> That isn't a repaired product but a fake one.

Wrong. It is a genuine piece of hardware but modified. With respect, did you read the linked article?

0 comments

I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.

And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.

If you want to go all the way, you can also replace the whole device straight with a fake iphone and record everything.

throwaway290OP2y ago

> I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.

They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.

> And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.

Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.

realusername2y ago

> They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.

They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.

> Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.

That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.

throwaway290OP2y ago

> They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.

In case of this device, sure. But it would be much more costly and error-prone, build your own PCBs etc. But in case of iPhone we don't worry about them building fakes from scratch, because those would be easy to tell on the spot. We worry about a genuine phone with fake parts.

> That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.

As it is now these phones are not so easy to hack without user proactively installing malware and many of them would survive only until the next OS update or security response payload. A hardware attack is more compelling.

1 more reply

j / k navigate · click thread line to collapse

0 comments

realusername2y ago

I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.

And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.

If you want to go all the way, you can also replace the whole device straight with a fake iphone and record everything.

throwaway290OP2y ago

> I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.

They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.

> And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.

realusername2y ago

They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.

That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.

throwaway290OP2y ago

> They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.

> That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.

1 more reply

j / k navigate · click thread line to collapse