Today, Apple stopped signing all iPhones for iOS 15.2 verification. This means that once users upgrade their phones to the latest iOS 15.2.1 version, they can no longer downgrade to 15.2 or earlier. This isn’t the first time Apple is forcing a new system on iPhone users. Earlier today, there were reports that Apple will completely stop updating iOS 14 and push iOS 15. Defending this decision, Apple claims that allowing users to stay in iOS 14 was only temporary.
However, whether Apple stops updating iOS 14 or closes the iOS 15.2 verification channel, the target is to ensure that users upgrades to the new system. Judging from a recent data, the upgrade rate of iOS 15 is worse than that of iOS 13 and iOS 14. Within four years, the iOS 15 share is 57%. In contrast, iOS 14’s four-year share of installs is at 81%. For iOS 13, the install rate was 77%. We can see that in terms of installation, iOS 15 actually performs worse than the iOS 13 and iOS 14.
The lower upgrade rate is largely due to bugs in iOS 15 such as automatic brightness failure, unstable battery life, etc. These issues make many users unwilling to experience the new system. In the latest iOS 15.2.1 system, there has been user feedback, indicating that there is a bug in the system. The keyboard number keys, delete keys and other keys do not display correctly. The operation becomes stuck after the upgrade and this makes many users unwilling to upgrade.
iOS 15.2 devices are vulnerable to HomeKit Doorlock issue
A new potential issue has emerged and is affecting Apple HomeKit, which directly affects iOS 14.7 through the newer iOS 15.2. The issue is a persistent denial of service vulnerability that carries the “doorLock” moniker. The issue has been found on Apple HomeKit, which for those unaware, is a software framework that lets iPhone and iPad users control smart home appliances directly from their handsets.
Security researcher, Trevor Spiniolas, publicly disclosed the details of this vulnerability. According to him, Apple has known about the flaw since August 10, 2021. So far, nearly five months have passed and the company didn’t address the issue. According to the researcher, despite the repeated promises to fix it, it remains unresolved. In order to trigger “doorLock,’ an attacker would change the name of a HomeKit device to a string larger than 500,000 characters.
Spinolas has released a proof-of-concept exploit in the form of an iOS app. It has access to Home data and can change HomeKit device names even if the target user does not have any Home devices added on HomeKit.