Unauthorized-Signer/README.md
Joseph Goydish II ef787d49b3 Update README.md
2025-12-07 20:53:20 -05:00

# Apple Internal Certificate Compromise
A **retail iPhone** was found carrying an **AppleCare Profile Signing Certificate** — an **internal-only credential** that is *never* shipped on consumer devices — with a **non-Apple serial number** that still resolved as *trusted* under Apple's certificate chain.

At the same time, the device ran **internal-only VoiceServices, Siri, and Speech logging payloads** at full diagnostic verbosity.

This combination is **cryptographically impossible** through any legitimate path.

---
## 🔑 Key Findings
### **1. AppleCare-Only Certificate on a Retail Device**
* AppleCare signing certificates exist **only inside Apple's private MDM and service infrastructure**.
* They cannot be exported, provisioned, or installed through user, developer, or enterprise channels.
* Their presence on a retail device indicates **unauthorized access to privileged Apple signing material**.
---
### **2. Certificate Serial Number Not Issued by Apple**
```
0xb745972d0f5e989
```
* Not present in the Apple-RootCA or Worldwide Developer Relations databases.
* Not present in any known AppleCare, MDM, or Device Services catalog.
* Yet the system accepts it as valid → **cryptographic trust boundary broken**.
---
## ⚠️ Internal Telemetry Payloads Observed
### **Payload: VoiceServices Debug**
```
UUID: CCCDC519-2EA7-4A1D-93B6-DD4F026F6629
Debug Level: 7 (maximum)
Public: TRUE
Persistence: TRUE
```
Full internal voice service logging — impossible on consumer firmware.

---
### **Payload: Siri Subsystem Logging**
```
UUID: 2cb17420-1f7a-012e-6679-442c03067622
28 internal Siri subsystems enabled
Verbosity: Maximum
Persistence: TRUE
Unredacted telemetry
```
This is Apple internal QA-level logging, not user-facing.

---
### **Payload: Speech Logging**
```
UUID: 01BEC389-FD6A-45FA-8AE1-F9442AA43B60
Speech Logging: ENABLED
```
Captures unfiltered spoken input and internal pipeline output.

---
## 🧨 Combined Interpretation
**Across all logs, three impossible conditions occur simultaneously:**
1. **An internal-only AppleCare signing certificate is installed on a retail device.**
2. **The certificate's serial number is not Apple-issued but is still trusted.**
3. **Multiple internal telemetry payloads are active in production mode.**
### **This indicates:**
* A **privileged profile-level compromise**, or
* **Unauthorized access to Apple's internal signing infrastructure**, or
* A **misuse of internal trust-chain keys** allowing injection of telemetry payloads.
### **Bottom Line**
This is a **full-chain trust breach**, not achievable through any user, app, profile, MDM, carrier, or enterprise mechanism.
Only an **Apple-internal or Apple-trusted pathway** could create this state.

---
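One way to check another device's exported configuration profile against the indicators listed above. This is an added example, not code from this repository. It assumes the UUIDs above are `PayloadUUID` values and that the profile is an unsigned `.mobileconfig` plist; the sample profile and its `com.example.*` payload types are constructed.

```python
import plistlib

# Indicators copied from this README.
PAYLOAD_UUIDS = {
    "CCCDC519-2EA7-4A1D-93B6-DD4F026F6629": "VoiceServices Debug",
    "2CB17420-1F7A-012E-6679-442C03067622": "Siri Subsystem Logging",
    "01BEC389-FD6A-45FA-8AE1-F9442AA43B60": "Speech Logging",
}
CERT_SERIAL = 0xB745972D0F5E989


def parse_serial(text):
    """Normalize '0xb74..', 'serial=0B74..' or '0B:74:..' to an int.

    Tools differ on case, separators and zero padding, so compare
    serials as integers rather than as strings.
    """
    s = text.strip().split("=")[-1].replace(":", "").replace(" ", "")
    if s.lower().startswith("0x"):
        s = s[2:]
    return int(s, 16)


def walk_payloads(node):
    """Yield every dict, at any nesting depth, that has a PayloadUUID."""
    if isinstance(node, dict):
        if "PayloadUUID" in node:
            yield node
        for value in node.values():
            yield from walk_payloads(value)
    elif isinstance(node, list):
        for value in node:
            yield from walk_payloads(value)


def scan_profile(raw):
    """Return sorted labels of README payloads present in a profile."""
    profile = plistlib.loads(raw)  # signed (CMS-wrapped) profiles fail here
    found = {PAYLOAD_UUIDS.get(str(p["PayloadUUID"]).upper())
             for p in walk_payloads(profile)}
    return sorted(label for label in found if label)


# Constructed sample profile: one matching payload (lower-case UUID), one not.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadUUID": "00000000-0000-0000-0000-000000000001",
    "PayloadContent": [
        {"PayloadType": "com.example.logging",
         "PayloadUUID": "cccdc519-2ea7-4a1d-93b6-dd4f026f6629"},
        {"PayloadType": "com.example.other",
         "PayloadUUID": "11111111-1111-1111-1111-111111111111"},
    ],
})
```

The serial above has 15 hex digits, so tools that print whole bytes show it with a leading zero; `parse_serial` treats both forms as equal.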