If you’ve used an iPhone, you’ve almost certainly seen the message that pops up whenever you plug your phone into a new computer. ‘Trust This Computer?’ it asks, before giving you the option to, ‘Trust’ or ‘Don’t Trust’ the machine.
Security researchers from Symantec have identified a new way of hacking your iPhone, and it all relies on getting you to click ‘Trust’ when your iPhone is connected to a hacked computer.
When you’re just plugging your phone in to give it a quick charge, it can be very tempting to quickly mash the screen to dismiss the notification.
But new research, as reported by iDropNews, suggests you should be especially careful to only hit ‘Trust’ if you can actually want to, you know, trust the computer. That means no trusting your friend’s laptop and it definitely means no trusting a public charging point at the airport.
The hack, which is known as ‘trustjacking’, makes use of the ability for iTunes to sync over Wi-Fi. This is enabled as soon as you tell your iOS device to ‘Trust’ a computer, after which point the device can sync over Wi-Fi so long as it’s connected to the same network.
This works great when you want to sync music or photos, but it’s less good when there’s malicious code installed on the computer in question, which could then be used to gain developer-level controls or otherwise manipulate your iPhone.
Thankfully, it’s a pretty simple process to ensure you’re not exposed to this vulnerability. Whenever you’re plugging your phone into a device that you don’t own yourself, just be sure to press the ‘Don’t Trust’ button.
If there are suspicious computers out there that you’re worried you might have already told your phone to trust, then you can reset your phone’s trusted list by choosing the ‘Reset Location and Privacy’ option from the Reset menu under ‘General’ in settings on iOS.