There has been a debate for many years about which is the more secure device between Android smartphones and iPhones. Experts as well as most people believe that iPhones working on Apple’s iOS are more secure than Android phones, but a latest study shows the opposite results. It has been told in this study that iPhones can also be easily vulnerable to hacking, even if they are switched off.
Researchers from the Technical University of Darmstadt have made a statement regarding the security of the iPhone. Study Key, in which he found that the iPhone can be hacked even after being switched off. The main reason for this is the way the iPhone handles various wireless networking technologies. It has been told in this study that most of the wireless chips in an iPhone, such as Bluetooth, NFC and UWB (Ultra Wideband), continue to work for 24 hours even after the iPhone is turned off.
Not that this is a problem with Apple’s iPhones. The company has done this for an important reason. Apple has been providing the ‘Find My’ feature on its devices for a long time. This feature works on multiple sensors and networks. This feature helps owners of Apple products find their products in case they are lost or possibly stolen.
The study has proved that this feature has been developed for the benefit of the users, but if hackers want, it can also be misused, because these wireless chips have direct access to the secure elements.
The study further says that these wireless chips remain active in low power mode (LPM). However, this applies to the LPM supported hardware level. Hence, it cannot be fixed through OTA software update alone. Researchers conducted a security analysis of the LPM features included in iOS 15 and found that the Bluetooth LPM firmware can be modified to run malware on the iPhone. This can help hackers gain access to the system level to track someone’s location or run the new feature on their phone.
To the relief of many iPhones users in the study, the Bluetooth LPM firmware modification affects most jailbroken iPhones. However, this vulnerability in security can still be used as spyware to target people.