Security Flaw Found in Older Apple Silicon Hardware
舊款 Apple Silicon 硬體發現安全漏洞
Introduction
The cybersecurity company Paradigm Shift has revealed a hardware security problem, called 'usbliter8,' which affects several older generations of Apple devices.
網路安全公司 Paradigm Shift 揭露了一個稱為「usbliter8」的硬體安全問題,影響數個舊世代的 Apple 裝置。
Main Body
The problem is located in the SecureROM, which is the permanent boot code that runs before the operating system starts. Because this flaw is built into the physical hardware of the A12 and A13 Bionic chips, Apple cannot fix it with a standard software update. The affected devices include the iPhone XS, XS Max, XR, the iPhone 11 series, and the second-generation iPhone SE, as well as some iPad models and Apple Watch Series 4, 5, and SE. However, devices with A11, A14, or newer processors are not affected.
這個問題位於 SecureROM 中,也就是在作業系統啟動前運行的永久啟動代碼。由於此漏洞內建於 A12 與 A13 Bionic 晶片的物理硬體中,Apple 無法透過標準的軟體更新來修復。受影響的裝置包括 iPhone XS、XS Max、XR、iPhone 11 系列、第二代 iPhone SE,以及部分 iPad 型號與 Apple Watch Series 4, 5 及 SE。然而,搭載 A11、A14 或更新處理器的裝置不受影響。
To use this exploit, an attacker must have physical access to the device and be able to restart the system. Although the flaw allows unauthorized commands or malicious code to be installed, it does not break Apple's Data Protection. Consequently, user files and encrypted messages remain safe. Nevertheless, the public release of this information might help others create 'jailbreak' tools by combining this flaw with other security gaps.
若要利用此漏洞,攻擊者必須能親身接觸裝置並能重新啟動系統。雖然該漏洞允許安裝未經授權的指令或惡意代碼,但它不會破解 Apple 的數據保護機制。因此,使用者檔案與加密訊息依然安全。儘管如此,此資訊的公開可能會協助他人將此漏洞與其他安全缺口結合,以開發「越獄」工具。
From a risk perspective, some people may feel too safe because the attacker needs the device in their hand. However, industry experts emphasized that high-value targets, such as government officials and business executives, are still at risk if their devices are stolen. Since the hardware cannot be changed, the only way to fully solve the problem is to buy a newer device.
從風險角度來看,有些人可能會覺得非常安全,因為攻擊者需要將裝置拿到手中。然而,業界專家強調,若裝置被盜,政府官員與企業高層等高價值目標仍處於風險之中。由於硬體無法更改,徹底解決此問題的唯一方法就是購買較新裝置。
Conclusion
The usbliter8 vulnerability is a permanent hardware flaw in A12 and A13 chips that can only be fixed by replacing the device.
usbliter8 漏洞是 A12 與 A13 晶片中一個永久性的硬體缺陷,只能透過更換裝置來修復。
Vocabulary Learning
The 'Connector' Upgrade: Moving from A2 to B2
At the A2 level, you probably use simple words like but, so, and because to link your ideas. To reach B2, you need Logical Connectors. These words act like bridges, showing the reader exactly how two ideas relate to each other.
⚡️ The 'Contrast' Power-Up
In the text, we see: "However, devices with A11, A14, or newer processors are not affected."
Instead of saying "But some phones are okay," the author uses However.
- The B2 Secret: Use However or Nevertheless at the start of a sentence to create a professional pause. It signals a "turn" in the argument.
- Example: I love my old iPhone. However, it has a security flaw.
🔗 The 'Result' Bridge
Look at this sentence: "Consequently, user files and encrypted messages remain safe."
At A2, you would say: "So, the files are safe." Consequently is the B2 version of "so." Use it when you want to show a direct, logical result of a previous fact. It makes you sound more academic and precise.
🛠 Practical Application: The Swap-Out
To sound more like a B2 speaker, try replacing your basic words with these options from the text:
| A2 Word | B2 Alternative | Effect |
|---|---|---|
| But | Nevertheless | Stronger contradiction |
| So | Consequently | More formal result |
| Because | Since | Smoother explanation (e.g., "Since the hardware cannot be changed...") |
Pro Tip: Notice how Since is used at the start of the last paragraph. In B2 English, since doesn't just talk about time; it's a sophisticated way to say because.