An iPhone sits in a users hand open to the YouTube app. What is unusual is that the iPhone is bent in an L shape and is still functioning properly.

First Folding IPhone Doesn’t Come From Apple

Folding phones are all the rage these days, with many of the major smartphone manufacturer’s having something in this form factor. Apple has been conspicuously absent in this market segment, so [KJMX] decided to take matters into their own hands with the “iPhone V.” (YouTube – Chinese w/subtitles via MacRumors).

Instead of trying to interface an existing folding phone’s screen with the iPhone, these makers delaminated an actual iPhone X screen to use in the mod. It took 37 attempts before they had a screen with layers that properly separated to be both flexible and functional. Several different folding phones were disassembled, and [KJMX] found a Motorola Razr folding mechanism would work best with the iPhone X screen. Unfortunately, since the iPhone screen isn’t designed to fold, it still will fail after a relatively small number of folds.

Other sacrifices were made, like the removal of the Taptic Engine and a smaller battery to fit everything into the desired form factor. The “iPhone V” boasts the worst battery life of any iPhone to date. After nearly a year of work though, [KJMX] can truly claim to have made what Apple hasn’t.

Curious about other hacks to let an iPhone do more than Apple intended? Check out how to add USB-C to an iPhone, try to charge it faster, or give one a big memory upgrade.

Dig Into The Apple Device Design Guide

Millions of people worldwide have just added new Apple gadgets to their lives thanks to the annual end of December consumerism event. Those who are also Hackaday readers are likely devising cool projects incorporating their new toys. This is a good time to remind everybody that Apple publishes information useful for such endeavors: the Accessory Design Guidelines for Apple Devices (PDF).

This comes to our attention because [Pablo] referenced it to modify an air vent magnet mount. The metal parts of a magnetic mount interferes with wireless charging. [Pablo] looked in Apple’s design guide and found exactly where he needed to cut the metal plate in order to avoid blocking the wireless charging coil of his iPhone 8 Plus. What could have been a tedious reverse-engineering project was greatly simplified by Reading The… Fine… Manual.

Apple has earned its reputation for hacker unfriendliness with nonstandard fasteners and liberal use of glue. And that’s even before we start talking about their digital barriers. But if your project doesn’t involve voiding the warranty, their design guide eliminates tedious dimension measuring so you can focus on the fun parts.

Dimensioned drawing of Apple iPad Pro

This guide is packed full of dimensioned drawings. A cursory review shows that they look pretty good and aren’t terrible at all. Button, connector, camera, and other external locations make this an indispensable tool for anyone planning to mill or print an interface for any of Apple’s hardware.

So let’s see those projects! Maybe a better M&M sorter. Perhaps a time-lapse machine. Or cure your car’s Tesla envy and put a well-integrated iPad into the dashboard.

Apple’s Secure Enclave Processor (SEP) Firmware Decrypted

The decryption key for Apple’s Secure Enclave Processor (SEP) firmware Posted Online by self-described “ARM64 pornstar” [xerub]. SEP is the security co-processor introduced with the iPhone 5s which is when touch ID was introduced. It’s a black box that we’re not supposed to know anything about but [xerub] has now pulled back the curtain on that.

The secure enclave handles the processing of fingerprint data from the touch ID sensor and determines if it is a match or not while it also enables access for purchases for the user. The SEP is a gatekeeper which prevents the main processor from accessing sensitive data. The processor sends data which can only be read by the SEP which is authenticated by a session key generated from the devices shared key. It also runs on its own OS [SEPOS] which has a kernel, services drivers and apps. The SEP performs secure services for the rest of the SOC and much more which you can learn about from the Demystifying the Secure Enclave Processor talk at Blackhat

[xerub] published the decryption keys here. To decrypt the firmware you can use img4lib and xerub’s SEP firmware split tool to process. These tools make it a piece of cake for security researchers to comb through the firmware looking for vulnerabilities.

WiFi Mapping With A Smartphone

map

Not so long ago, mapping WiFi required a laptop, GPS, a big antenna and Kismet/NetStumbler. Today’s smartphones have replaced even this task. For those of us running a GPS and WiFi equipped Windows Mobile phone, WiFiFoFum is an excellent and simple solution, as well as a great companion for installing an AP. Continue reading “WiFi Mapping With A Smartphone”

IPhone 3.0 Adds Custom Protocol Support For Addons

iphone301

In middle of all the adding features that should have been available day-one, Apple announced something really interesting for the hardware hacking community. The new iPhone 3.0 OS will support application communication over bluetooth or through the dock connector using standard or custom protocols. From Engadget’s coverage:

10:19AM “They talk over the dock, and wirelessly over Bluetooth. Things like playing and pausing music, getting artwork — or you can build your own custom protocols.”
10:19AM “Now here’s a class that we think will be really interesting — medical devices.” Scott’s showing off a blood pressure reader that interfaces with the iPhone — wild.
10:18AM “Here’s an example — an FM transmitter. With 3.0, the dev can build a custom app that pairs up with it, and automatically finds the right station and tunes it in.”
10:18AM “With 3.0, we’re going to enable accessory developers to build custom apps that talk directly to that hardware.”

No solid connection specification has been published yet. We’re excited about the prospect of developing our own accessory hardware, but we wonder what sort of hoops you’ll have to jump through. Apple doesn’t have the best track record when it comes to approvals. Just this week they denied MSA Remote client App Store entry; it’s a multitouch client that uses the standard TUIO protocol. Prepare for similar roadblocks in the future.

[via adafruit]

25C3: Hacking The IPhone

[googlevideo=http://video.google.com/videoplay?docid=713763707060529304]

As promised in their yellowsnow demo, [pytey], [MuscleNerd], and [planetbeing] from the iphone-dev team presented at 25C3 on their work Hacking the iPhone. The team originally formed in 2007 and this is the most comprehensive presentation on how the iPhone was compromised to date. You can find the full talk embedded above.

Continue reading “25C3: Hacking The IPhone”