Assiduous readers of this blog might have noticed a significant drop in the number of articles last year. Couldn't I find any interesting subject? Was I getting lazy? Hell no!
Today I am pleased to release Clatters for iOS and iPadOS. Clatters is an app to easily monitor in one place your brand, product or any other keyword on your favorite social networks - Twitter, Reddit, HackerNews and even comments on the iOS App Store.
Swift was introduced at Apple's 2014 WWDC and it is interesting to measure Apple’s own use of Swift in iOS over the years. iOS 9 released in 2015 included a single application written with Swift: Calculator. Since then the number of applications using Swift in iOS has grown each year with iOS 10.1, iOS 11.1 and iOS 12.0.
Now that iOS 13.1 is available, let's measure how many applications are using Swift this year.
libMobileGestalt is a private library in iOS that describes the capabilities of the device: system version, build version, device type, device features, status of the airplane mode, …
Apple obfuscates this information which makes it hard to know the capabilities of the device. In January 2017, I presented a method for Deobfuscating libMobileGestalt keys. At that time there were 673 known obfuscated keys and I managed to recover 564 out of the 673 keys (83%).
Since this previous article, Apple has released 2 major iOS versions, and new obfuscated keys have been added. In this post I quickly recap what is libMobileGestalt and provide the updated list of recovered keys.
A year ago I analyzed how many built-in apps in iOS 10.1 and macOS 10.12 were using Swift: Apple’s use of Swift in iOS 10.1 and macOS 10.12.
How many built-in apps are using Swift in iOS 11.1 and macOS 10.13.1? Let's find it out!
/usr/lib/libMobileGestalt.dylib is a private library which provides an API to retrieve the capabilities of the iOS device, as well as some runtime information: system version, build version, device type, current status of the airplane mode, …
Ian Beer did an incredible work with his iOS 10.1.1 exploit. The mach_portal proof of concept gives you a root shell on iOS 10.1.1. You can read more about it here:
While playing with it, I discovered that the amfid patch was only supporting thin arm64 binaries. I did not find a fix online so here is my solution.
Apple introduced in iOS 7.0.3 a setting to reduce motion ( http://support.apple.com/kb/HT5595 ) : Settings -> General -> Accessibility -> Reduce Motion
Sadly there is no public API to know if the user enabled “Reduce motion”.
In a previous post I explained how to detect if an app runs in a 32-bit or 64-bit iOS Simulator. It was not explaining how to detect if an iOS app runs on a 32-bit or 64-bit iOS device. This post aims at giving a generic method that can detect all cases: