Apple Watch Ultra 2 Hacked
discussions.apple.comI don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.
I read it all the time, "my insta was hacked", etc.
I would really like to know if hacking is as common as it is reported rather than a successful phishing campaign, a simple issue of forgotten password or getting locked out of email, account ban for rule violation, or something else entirely unrelated to actual hacking.
In this case my skepticism skyrocketed when the hackers write "we are in control".
> I don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.
It is a mechanism of shifting responsibility. If your password is "1234" and you gave it away to a totally legit MS support center employee that called you recently because MS has detected that your iPhone has a virus, then it is on you. But if North Korean hackers compromised your watch via elaborate hacking campaign to mine bitcoin on it, then it is "not your fault".
Same thing how all company breaches are attributed to "sophisticated state sponsored actors" even though most of the time the company provides zero evidence it wasn't a single bored hacker in their moms basement.
Or more often than not, a disgruntled current or past employee.
Or poor it policies !!
A little bit of a gap in understanding too. Something happened to your account and you don’t know how? Hacked.
Turns out for a lot of people your piss drunk self, your weird ex boyfriend, and that person setting up fake OF with a selection of your public fb/insta pictures, are all threat actors too.
Don’t forget: it’s never the victim’s fault, no matter how careless they are.
The customer is always right... unless they are not.
You just have to see how the media says 23andme was "hacked" when actually accounts were compromised using a password spraying attack.
If the original account is to be believed, they did not know the owner’s passcode/PIN. The attackers gained remote access to a device without the passcode/PIN. This suggests it was not phishing.
It sounds like a legitimate usage of the word “hacked” to me. Maybe not the most critical vulnerability because they did not gain full access, but they managed to gain some level of control of the owner’s watch without their permission, and it sounds like the reason was not that they left it lying around unlocked (to be clear it sounds like they got control because the watch was unlocked in the owner’s wrist, but they were accessing it wirelessly- sounds like an issue with Apple’s security model that can be fixed).
There's this site that provides news for these "hackers" and I'm not convinced any of them actually do any hacking.
See meaning 1.5 vs. 1.6: https://en.wiktionary.org/wiki/hacker#Noun
Hacker News is meaning 1.6.
How do we have time where there’s so much else going on?
My Skype account was hacked many years ago. It started with me getting an email about some credits being added (from my credit card that was in the system).
When I logged onto Skype, I had a new name, and a new contact, both of which were Ivan something. I immediately started chatting with Ivan, who told me that there was a weakness in the Skype login security, which he tried to exploit.
I changed my password to another Medium to Strong password, and a few minutes later my name was again changed to “Anders xoxo Hafreager”, and a message that he had hacked me again.
I still don’t know what he did or how he did it.
Check if you have an old email or phone number tied to the account. Attackers can get Microsoft to send one-time codes to them, no matter what else you have set up on the account. Worse, it seems this feature was added some time ago and every account was automatically opted into it.
I was getting dozens of one-time code emails per day caused by login attempts via what must have been Tor. None of them were successful logins, but it got me worried. They seem to have stopped after I reworked my account's requirements to include OTP, but now every couple of days my Skype app posts an error that it couldn't log in, when it is clearly logged in just fine. Even that OTP can't be a standard one, it has to be Microsoft authenticator.
Microsoft has been improving in a lot of ways lately but this is not just embarrassingly bad, it's substantially worse than it was a few years ago.
MS didn't invalidate the token he had when you changed the password?
So true. Normies be using security questions like “What was your fist dog called?” while posting about their first dog’s name in public #insta while complaining about being targeted by a 1337 h4x0r.
Ah yes, many fond memories of my dog dumfyg-gycpid-8Vujmi
Good ol dumfyg. I've bad a hard time pronouncing their name to service reps over the phone when locked out of an account.
In the future, people will name themselves XÆA-12 so even their login can’t be guessed.
You could just say "it's some gibberish" to restore the account.
"What was your first dog's name?"
"Oh, something random."
"Ah yes, correct, welcome back."
That's why people should make up something believable like "Mr. Poop Muffins"
Hacking is largely used to mean the breaching of a system by some unauthorized actor, and why shouldn't it? Word meanings change over time and this one got broader.
That said, phishing is a form of hacking the individual so even by a strict definition it still works.
While I agree with you in general, the behavior described in the article should not be observable without an actual hack.
Not sure if catalyst, but if the crowd learns something it is corpos and governments telling almost always the same story of getting hacked, cyberattacked, with the worst of criminal energy, even if its the most simple letting unpatched (more 1000days then 0days) software run or pretty much unsecured systems out open in the wild.. it is the common excuse everywhere for not understanding of an admitted for most too complex tech world.
Anecdotal, but 17 years ago it was also common to say "my runescape got hacked!" when in fact you typed your password on some runes-cape.freewebs.biz :)
Perhaps there is more to hack? At least when I was 20 years old, the only thing to be hacked was the dial-phone, a paper phonebook and perhaps a fax. Social media didn't exist.
Having so many accounts where some stuff might (or might not) be important, folks get very sensitive to being "hacked". Or in other words, having a stranger break in and rummage through their underwear.
I remember on boring days reading the factual entries in the beginning of the phonebook. I remember it as a broad description of how the bell system worked and how to use it.
In the late 70s in a central Pennsylvania farmhouse that was some of the earliest technical documentation I ran into.
At some point the same happend in computer games. Suddently every "cheater" or "abuser" became a "hacker".
Different times.
Someone posted a video and either the screen is having some ghost touches or the watch is actually getting brute forced
phishing campaign is a method of hacking
Hack in popular tongue has always meant authentication breaches in general, the method is not important. It's been this way for as long as internet has been a household word.
I mean, there is Apple Watch Mirroring, which does allow remote control of an Apple Watch for accessibility purposes. If they were able to somehow exploit that, I would consider it hacking.
I sort of hate how this thread immediately rallied around “must be crazy people hallucinating” and I hope Apple takes the reports a bit more seriously & investigates.
Edit: I do agree that passwords guessed or phished doesn’t count in my mind as hacking.
This is so hard to believe that I simply don't.
Either the user had a bad digitizer, and misread and/or hallucinated the "We are in control" message, or the entire story is made up. Perhaps a group of people working together to post "Hey me too!" stories? I'm not sure what the motive would be, though.
Extraordinary claims require extraordinary evidence, and this is beyond believability.
It's pretty obviously fake. A bunch of "level 1" (new) users, all with the same story? They literally mention the exact time & date in the same style, and mention the 1-minute lockout in the same way as well. Two of them use the same timestamp even, down to the minute.
Also, something I noticed working for large orgs with over 100K staff and 1M users: An appreciable fraction of the human population is simply mentally ill. Hallucinations, drug use, psychosis, etc... all have a non-zero rate. Given enough users, you'll get the same type that imagines being abducted by aliens and even makes police reports that sound suspiciously like the sci-fi movie that's popular at the time.
Not necessarily disagreeing with you regarding the people that are imagining things, but with a device so relatively popular as the Apple Watch, this could be very well explained by a software update that messed up the touch screen "driver" and is generating ghost touches. As the update rolled out, it started affecting more and more users who turn to the forums to look for help.
One consequence of these ghost touches would be inputting the wrong PIN which will initially lock the device for one minute, so I don't see what's strange about that.
Which messages, specifically, are you referring to with "exact time & date" and "same timestamp"? I skimmed through them but nothing of sort stood out.
Not only that, but all those new users actually bothered to look for a pre-existing topic on their issue instead of making their own new topic. Unlikely.
I own an iPhone and i would be a level 1 / new user if i had issues.
Otherwise, why on earth would i care about signing up to apple forums?
I’d only go there if i had issues (obviously)
A lot of the people here are much more experienced with technology, so our behaviour is going to be different, but I have a hard time understanding why someone would sign up for a forum as a first step for obtaining assistance. Calling the vendor, sure. Using vendor support options that connect me directly to their staff, sure. None of the people posting about the issue mention taking other prior steps in obtaining support (even though a couple of posts from established members say they should).
I suppose posting to the vendor forums is fine if you need support. On the other hand, I do not think it is an acceptable source of information about a security flaw in a product. There information provided is not verified. The sources are not verified. We don't know whether the details are true, a misinterpretation (innocent or malicious), or made up. In other words, there is no reason to trust what is being said. If I came in here suggesting that my computer was hacked, I would expect people to respond with similar incredulity. (I am simply someone who posts to a forum. There is no reason for people to trust anything I say, particularly if the posting doesn't contain detail on reproducing the problem.)
Personal experience from browsing n = n + 1 apple support threads: Just message support. It’s much faster and has a higher chance of producing a result.
Their support raises issues directly to the dev teams when they happen often enough, too. There's a good chance the touch screen team is working their asses off right now on this already
Okay, that covers 1/5th of the parent comment.
FWIW - The commonality of alien abductions can actually be decently explained by sleep paralysis + hallucinations (+ the mind already having been 'seeded' by the idea).
It's something that perfectly sane people could experience and not realize it was a hallucination because it's a quite rare & unknown phenomenon(and one that you often won't mention because everyone thinks you're crazy if you say it).
That fraction is about 4%: https://slatestarcodex.com/2013/04/12/noisy-poll-results-and...
You get different percentages depending on what you’re counting.
I regularly choose one of the first countries in those forms that collect your info so they can spam you. There’s some marketing person out there who is convinced Albania and Afghanistan are a cloud computing Mecca.
That doesn’t make me “crazy”.
Similarly, over 5% of students are on ADHD medication but they’re not what I would consider nuts.
What I mean is that there are people that would be homeless vagrants shouting about space worms burrowing into everyone’s brains, but they’re on medication and got a government job where from they’re nearly unfireable even if they stop taking their pills one day.
Two of my friends are conspiracy theorists… in private. It’s basically a fan-fiction club to them, a setting in which to make up stories.
I’ve met an IT guy who truly believed that software updates were a conspiracy and made sure that every system in that place used the “clean” golden image from the original CD and was never ever patched.
There are statics like “20% of all adults have some mental health issue” and then there is the guy who literally spends his day planning your murder because you didn’t talk to him at the water cooler.
Obviously this guy was fooled by a friend who was using his iPhone to remotely operate the watch (which explains the „we are in control“ phrase). Now in this forum numerous people that simply have a broken digitizer chime in. Case closed.
It wasn't obvious at all to me that that's even possible. But as it turns out: it's an accessibility feature (1) to mirror the watch screen on iPhone in order to voice control it or use assistive touch.
1: https://support.apple.com/guide/watch/apple-watch-mirroring-...
Surely this is a vector for attack then?
No. You need to gain access to the phone. If you have access to the phone, the watch isn’t interesting anymore.
> I'm not sure what the motive would be, though.
To make Apple Watch antivirus scams?
Maybe to make this scenario seem plausible?
> From: definitelyNotAppleScam.com
> Subject: Your Apple Watch is hacked
> Hello [insert name here],
> We have found that your Apple Watch Series x has been compromised by hackers.
> Please click on the link below to reset your password
> [Link that asks for previous password and something idk]
Hoaxers hoping to drum up enough news stories to impact Apple's share price to make money on shorting it?
maybe some kind of anti commercial to not trust apple products? but I wouldn't suspect any major brands for something at this level, so maybe just bunch of people trying to mess with people believes like it was multiple times in the past? like with charging iPhone in microwave etc, basically noone benefits just some folks want to see people panic
I wonder how such hack would even work. The watch does have the option to control it remotely, through the iPhone accessibility options, but obviously this only works with the paired iPhone and not over the internet.
> but obviously this only works with the paired iPhone and not over the internet.
That's the intended design, but perhaps the trusted device layer could be bypassed under some circumstance? It seems extremely unlikely, but maybe not impossible.
edit: The more I read and think about this, the less I think it's likely. I'll keep this as a devil's advocate sort of message, but I feel like I should still point out that the entire premise here seems a little nuts and the people reporting the hacks are more likely to be uninformed/paranoid/etc and dealing with ghost touches than the watches were likely to be compromised.
That multiple people reported a "spam" phone call right before the incident makes it look like they've found some zero day cellular exploit.
If this is for real I expect we'll hear more about it soon enough.
Only one person reported the spam call in that thread, the Marcus-II commenter. Their comment shows up twice in the first page and once on the second page. No one else mentions the spam call.
The baseband processor is entirely separate, with some basic commands and responses communicated from the phone's CPU to the baseband, so even this explanation is suspect.
No one is burning a baseband 0day to write "we are in control" on a screen.
Apple Employees can certainly access your devices remotely, I have seen it happening with iPhone, I don’t know about Watch.
Nevertheless, this does seem like an anti-Apple campaign.
That's not true. Apple employees can see a video feed of your screen after you accept their support request (similar to screen sharing over FaceTime), but they can't interact with your phone remotely.
Can you be more specific about when an Apple employee remotely accessed your iPhone.
It would almost certainly would be illegal.
I’ve had this happen when I called in a support request for some iOS issue I had. Their interface has all the devices on your Apple ID, and they can enable screen sharing on any of them after you accept it via a notification. I have to admit, it must be a lot better for the support experience as opposed to trying to verbally describe what’s going on.
This seems even more hard to believe and requires even more extraordinary evidence.
The thing that gets me is all the similar stories. I guess it could be astroturfing, but why that product?
One of the posters posted a video of the problem: https://www.youtube.com/watch?v=G6dazJk9AtU
It seems like the ghost touch issue, and not actual hacking.
I have the same issue. It’s clearly a bug and maybe both the funniest and most serious one I’ve ever had to deal with.
In my case I was waking up to my watch using itself. It changed contacts, added locations in maps, placed and cancelled two calls to emergency services and more. I then made the mistake of taking it off my wrist. Now the screen is locked and the watch will continue to enter wrong PINs, locking itself for more time every time. You can’t shut it down - the watch will start to type and dismiss the shutdown dialog (or call 911 again!).
I haven’t gotten around to taking it to an Apple Store and have returned to my Garmin watch.
Unpair and reset from the phone.
Or throw the device before it wastes more public resources by ghosting dialing public services.
Typing „we are in control“ would go beyond the ghost touch issue, if we believe the first reporter.
I am inclined to believe that the first reporter only thinks they saw this, not that it actually occurred (or they saw some random words appear on the keyboard that resembled this phrase).
„Popping up a keyboard“ as the user described is also not something trivially possible on the watch. That raised a red(ish) flag for me.
Anyone who worked with users would tell you stories about the stories the users tell to support about how they "didn't do anything at all, didn't touch it and now everything is gone! it's your fault!"
By the way, yesterday my Apple Watch 2 popped up a keyboard and wrote "pflenker is leichtgläubigertyp!" can you believe it?!
Congrats you were selected voor LLM Siri testing! There may still be some issues…
I think it's way more likely that whoever made that post is trolling, or suffered from some kind of schizophrenic delusion
(or maybe some really really unlucky markov chain)
I think you’re right, with this low N it can always be an attention grab.
I thought the same when I saw the video. I had the same problem with an Android phone, but the ghost touch was located in one zone of the screen because it was damaged. This looks like more like a software bug.
I will stay with my Garmin watch just until touchscreens become good enough to user under water.
This is a very frustrating issue, as it can make it difficult to use the watch...
It looks like watchOS hacked itself.
> they popped up the keyboard and typed “We are in control”
This reads like bad hacking fiction, complete with the guy typing that wearing a Guy Fawkes mask. Why the hell would the (hypothetical) attacker lose precious time doing something like that.
> Why the hell would the (hypothetical) attacker lose precious time doing something like that.
Because it’s probably kids messing around.
Their own kids, not unlikely.
Not too keen on the anecdote either, but with the Flipper Zero script kiddies around, you can never be too sure. Just a couple of months ago, you saw headlines of low-skill pairing dialog DOS attacks.
I believe HID-over-GATT was recently introduced to iOS (only a decade late), and implementation details could potentially be relevant here.
https://arstechnica.com/security/2023/11/flipper-zero-gadget...
Typing "We are in control" looks like kids bragging about their hacking skills. Not the usual hackers but who knows. Furthermore it means that the hack was not automated (yet.) A person was there, typing commands. Again, unusual.
On the other side hacking a watch is something that probably doesn't get unnoticed by the wearer if it must go through the UI. Are they subtler ways to get in control?
To be fair, one famous malware literally just says "you are an idiot"[1] out loud.
I have upvoted this, but on a second thought, this is probably what I would do as well if I had the possibility to observe the victim, yet all the chances to have not been caught. Makes for an exhilarating complaint and report as well (evidence: this thread).
True or not it really does sound like hacking fan fiction.
A lot of people hack because it’s fun to freak out the victim, and also we have a huge number of historical examples of hackers taunting the victim.
Does it even have a keyboard? My Apple Watch 3 does not. Just a scribble pad to draw letters.
If I long press on an input field on my apple watch s9 a keyboard pops up on my iphone.
You don’t do it all in a guy fawkes mask?
Because its fun?
It sounds like delusional thinking and someone with a mental illness.
This is probably not hacking, but the ghost touch issue.
https://www.zdnet.com/article/ghost-touches-are-haunting-som...
Unless the "ghost touch" issue randomly typed "we are in control" on the author's watch like he claims, then I don't think it's related. If this isn't hacking, then the author is just lying (which is what I suspect, based on all the similar claims being made and upvoted by new accounts that have never engaged in any other topic on the Apple support forums before this).
That part seems made up. I don't think the watch possesses the capability for the level of remote control they are talking about, especially on production builds.
My guess is the same but I’ll just add that to this day I only have one message in my apple support forum account, posted when I encountered a nasty bug with iOS few weeks ago.
In the discussion thread, it's stated:
I stared pressing the button to return home and they popped up the keyboard and typed “We are in control”.
That would be a very unusual ghost touch issue, if true.
Ghost touch plus autocorrect. Also check out the YouTube video.
The video looks a lot like ghost touch. Could be 2 separate issues.
maybe the ghost is english-speaking ?
I wonder why most of the comments take it very casually and say may be issue with digitizer/ghost touch. Had it been any other OEM, this would have been such a big issue with anecdotes of why people trust apple products.
If you were genuinely remotely hacking a smartwatch, you’d be executing background processes to exfiltrate data entirely invisible to the user, not doing some bizarre remote desktop thing randomly tapping around on apps. The claim doesn’t pass the sniff test irrespective of the manufacturer.
Unless the attack vector is the "screen mirroring" feature of the Apple Watch? https://support.apple.com/en-gb/guide/watch/apd890848603/wat...
Exactly. This comment section really is a display of the Apple bias on HN.
I don't doubt that this might be nothing, but seeing all these commenters completely dismissing it is rather odd.
Hopefully Apple is less dismissive of this potential security issue.
It’s because a lot of people on HN have dealt with bug reports from users that were clearly fabulations after investigating thoroughly
Many commenters might be confident because they are familiar with the device, its security and perhaps even development for it.
If this is a software (or somehow even a hardware) issue, than it's still not positive for Apple.
From experience, you really can't just take user reports at face value. There's almost always something there, but it may or may not be what the user thinks it is.
So it's a good idea to apply Occam's razor.
Digitizer/ghost touch is probably the simplest explanation.
The only thing the hacked/pwned idea has going for it is the "We are in control" message, which is still a bit marginal if the watch really was hacked. (None of the other posts mention this and why would a hacker type that message in? Could be because it's a practical joke or maybe part of a phishing attack, but those are tenuous and nothing else mentioned supports those.)
I would have said the same thing if it wasn't for the recording in the forums which shows it pretty clearly as "random touches".
If you have access to control the touch interface or to type a message on the screen you already have full control to the device. Look at the video, the input is so random, it's a software bug.
iOS developers who have done work for watchOS know that, during development, you are barely able to connect an Apple Watch to Xcode. It is flaky as hell. So thinking that someone can remotely control an Apple Watch is a bit hard to believe.
Ghost touches and typing "we are in control" with predictive text, sounds more plausible but still raises an eyebrow.
I had been locked out of iPhone in my pocket in hot summers due to presumably ghost touches. Maybe people know it happens with Apple products.
I do not believe the comments would read any different if it was an android watch
I think the "We are in control" thing is a dead giveaway that this is fake. Communicating with the victim might be essential to get access, but afterwards it's just about extracting whatever you need as fast as possible in my understanding.
Is it possible there’s an exploit to remotely touch, which at first looked random, but as people figured it out learned to actually operate the device?
let's imagine that that's the case. imagine that you are the attacker that figured that out, what are you going to do? start attacking random people with random clicks on their screen or keep it in private until you figure out details how to make it useful?
thats why this sound like some kind of hardware malfunction (or some substance on touch screen - I personally experienced ghost touches on my phone from dirty screen) or it's some kind of prank by kids using some flipper and previously authorized device or something similar
This looks very much like the accessibility feature “Control Watch with iPhone” when AssistiveTouch color is set to Grey in the Watch accessibility settings…
https://support.apple.com/en-my/guide/watch/apd890848603/wat...
So an attacker has gained remote access, yet needs to perform operations using a sort of Remote Desktop approach? Plausible — in movies.
Apple Watch does have a remote control feature, intended for controlling the watch from your phone, as part of the accessibility options. It's certainly technically possible that this feature is being abused to get access to data that would otherwise be locked down by Apple's strict sandbox post-exploitation.
Or, more likely, it's some kind of shitty prank by someone nearby to the users.
I had a similar issue a few days ago. Watch started pressing random buttons and wouldn’t let me intervene. After a while it stopped.
The presses were completely random and amounted to nothing. Looked like the process that reads touch went into an infinite loop of some sort.
Has only happened the one time. Lasted about 2 minutes. I may have rebooted the watch to make the issue go away, can’t remember.
Thus is very likely the screen ghosting issue that Apple is currently investigating: https://www.macrumors.com/2024/02/13/apple-watch-false-touch...
First of all, why would anyone even care about you enough to want to steal whatever health data is available? Is there any particularly sensitive personal info stored there?
Second, presumably if one gains access to the device through a sophisticated hack they'd probably also be able to exfiltrate data without having to alert the user.
With all of that being said, I wish there was some sort of black box mechanism for logging certain events in such a way that the device itself can't tamper with it. That way you'd have a log that can be easily analyzed to judge whether or not a hack is likely to have taken place. Right now if you open the syslog on an Apple device it's filled with so much crap that it's basically impossible to detect if anything nefarious was likely to be happening.
> First of all, why would anyone even care about you enough to want to steal whatever health data is available? Is there any particularly sensitive personal info stored there?
This is a strange argument. Of course there can be sensitive data there. Photos, (i)Messages, eMail, calendar events, addressbook, health data, voice recordings, location data. The device is password-protected for a reason.
It is also usually connected to a paired iPhone and to the Internet. You might be able to do some shady stuff with the phone using private APIs.
> .. I wish there was some sort of black box mechanism for logging certain events in such a way that the device itself can't tamper with it..
This is called an append-only log. It can be built in many ways. Which way is suitable largely depends on the security requirements.
My personal favorite kind of append-only logging is transparency logging. If you'd like to learn more you can check out e.g. sigsum.org, an open-source project my colleagues and I have been working on for several years now.
I just looked through what Health stores and it has fields for your lab test results and sexual history. Seems fairly sensitive?
My clever idea to explain this is:
It's a factory test script is getting triggered on the watch somehow.
It would normally be run near the end of the manufacturing process to ensure everything is working as expected. It automatically runs through a series of steps hitting a wide swath of watch functionality and would look a lot like someone rifling through a watch remotely. But a persons watch wouldn't have test data or factory password, so the script soon ends up getting the watch locked (or maybe that's just part of the test).
It could even conceivably type the message "We are in control" (though I have my doubts about that part of the story), because, as those of us who know some hardware verification folks, that's right where their sense of humor is.
If this is actually a bug as most of you think. It's likely a hardware bug and all these devices are kinda faulty? Isn't that the real news here.
If it's an hardware issue with touch it just means that no software patch can actually fix it enough to not waste battery in future. And that there is a realistic change that the issue gets worse when the devices get older.
I can't imagine a hardware bug could manifest on the same date.
The ghost typing seems to be present for others and before the linked reports as well.
This is likely related? https://www.macrumors.com/2024/02/10/apple-watch-series-9-ul...
Edit: A hardware issue that appears like a remote take over?
"Everybody having similar issues should report that directly to Apple by using the Feedback link."
Ahahahahahahaha. This must be satire!
I believe it may be the ghost touch issue like others mention, but with the addition that watchOS 10.3 dropped a week or two prior to these reports.
Possible it tried to do something about the ghost touch and made it worse in a subset of devices.
That feels more likely than a bunch of random people all being targeted with no other commonality like region or status
Based on others comments, and the fact it's only Ultras 2 and series 9 is it hacking or ghosting issue?
https://www.macrumors.com/2024/02/10/apple-watch-series-9-ul...
There’s a feature to use your iPhone to do keyboard input on an Apple Watch. Could it be that? Don’t tell me Apple left out some authentication. I know you can do something similar with text input when you’re on the same network as an Apple TV and someone’s inputting text. It’ll prompt on your iPhone to submit keyboard input.
This whole thread is filled with terrible advice and wannabe Snow-Crash writers, plus people who think "hackers" are scrolling through your files just to get to your fitness files.
I am kind of shocked, that state of mind was acceptable around 95-2000, but not a quarter millennium later.
I for sure live i a bubble, but are people really like that?
The apple forum really is a special place. Stuck in time, weirdly toxic and surprisingly unhelpful.
I've only had to browse it for information a few times, but it really is shockingly useless. I've never found an actual answer on those forums.
Even Google's practically useless forums have helpful users who suggest workarounds between the hundreds of "I have the same problem" comments. Microsofd's near-useless forums have some good information if the thread doesn't die once a Certified Super Microsoft Systems Engineer tells you to reinstall Windows (because that seems to be all they can come up with). But for some reason, Apple's forums are somehow worse. Maybe it's because of Apple targeting a more tech-averse audience, I don't know, but when it comes to Apple's forums, nobody has any real answers.
I think a lot of it has to do with there often not being actual answers as most of the system is hidden from the user anyway.
But I have had the exact same experience. Up to really hostile behaviour and suggestions to reinstall from scratch. (I didn't know I need to start 'code' to agree to a license to update the c compiler, absolutely new to the OS coming from Linux and stuck for nearly a day) got plenty of feedback in a short time but most were along 'go back to windows' or 'did you try [obscure third party tool]', literally none actually helpful. Could be bad question asking, or just unlucky experience but it stuck to me.
I rather get ignored in Microsoft forums or semi angry 'where are your complete logs!?!1' in the Linux forums.
*quarter of a century. A millenium is 1,000 years and quarter of a millenium would be in 2,250
whoops, i should not read that much Science fiction ;)
PS: but a little correction not 2,250 but 250 years or 0.250 millennia.
I had exactly the same problem last week. Random touch & drags on the watch, it took me some effort to shutdown the watch without making an accidental emergency call.
Given apple's security track of record and the fact that I pose no value as a target for the such an hacking effort. I deducted that it just was ghost touch.
Modern software is bad enough that I wouldn't be surprised if this is true, but the modern stock marked is also detached from reality enough, that I wouldn't be surprised if this was an attempt at market manipulation either.
I had a similar issue with my Apple Watch a couple weeks back. It would randomly input touches without me interacting with the display at all.
I restarted it and the issue was gone - I doubt there was any hacking involved.
This happened to my watch; it was not a fun day at all. Not sure if it was a glitch or a hack but it was very disconcerting and I did a full factory reset, re-pair and a different passcode.
All the people claiming this happened are level 1 posters so I’d take it with a grain of salt at this point.
If governments can hack your devices, so can private bad actors. https://www.cnn.com/2018/10/13/middleeast/khashoggi-apple-wa...
Apple has a strong security track record, and its devices are generally considered to be more secure than other brands. However, no device is completely immune to hacking... This is the first time i've heard about Apple Watch hack
This has nothing to do with hacking and everything to do with the ghost touch issues that apparently affect multiple Series 9 and Ultra 2 users (although I’ve not seen it on my series 9 myself).
Way back in the early days of Android (pre Ice Cream Sandwich), I spoke to one co-worker who told me that when they looked at their Google Map app while driving it would show their actual physical car (and all the other surrounding vehicles etc.) on the satellite view - in motion - in real time.
No manner of attempts by me to state why this was impossible would dissuade them and they went away thinking I was the technical idiot as a result.
So “we are in control”?
Yeah, no.
This is what happens when folk think that shows like NCIS and their ilk are factual based docudramas.
Obligatory link: https://m.youtube.com/watch?t=14&v=u8qgehH3kEQ&feature=youtu...
Has anyone noticed such behaviour for iPhone lately?
I know a person who reported something similar (saying his PS4 got hacked and was under control). Turns out he had paranoid delusions.
Since when can you arbitrarily pop open the keyboard and display typed text from the Home Screen?
Yeah, if you told me I had 5 seconds to pop up the keyboard on my Apple Watch, I would probably lose. Maybe I'd try to go through my GF's button to her profile and then to messages? Where else can I get a text input really fast?
On anonymous comments on the internet and in movies.
I think the OP in the linked thread is a complete hoax, and all the commenters are experiencing the random phantom/ghost input issues, googling it and hitting that thread. If you read carefully they all sound like their watch is receiving random inputs.
So not hoax then but scared users that need to help understand their device and it's honestly very bad bugs?
Not sure it does matter at this point, these people paid $800 and now feel their device is heavily insecure, they need help and a explanation from official side they understand.
TLDR: Their watch digitizer got messed up. Likely submerged it in water and it was all over.
Case closed.
I was with you until "Likely submerged it in water and it was all over". Flagship phones and watches have been waterproof for many years now. I use my iphone and my apple watch in both the pool and the shower regularly with no issues
Ah, but what you're failing to take into account is that there are magnets in the Apple Watch. And as we all know, you drop some water on the magnets, that's the end of the magnets.
Truth!
/S
Trump is activity being evil, dividing us for his own benefit.
I was swimming with my Apple watch in Hawaii, after a couple of days of swimming the side button sank into the case and got stuck. Now the fun began, long press on that button is an automatic call to 911. I had several calls happened and had to explain to a 911 operator why I'm calling but eventually I was able to turn off (shut down) the watch completely.
My Apple Watch 3 was suppose to be safe to swim in. But it did mess up after going swimming in it a few times.
Admittedly, this was last year and the watch was already 4 years old.
I think you just got unlucky. It's a mixed bag with "waterproof" phones, but [flagship] smartwatches should be pretty solid. My GF and I both had Galaxy Active watches, now we have Apple watches, we go swimming and kayaking with them, zero issues.
I’m not complaining. The watch was over four years old. It is what it is. If it were newer, I would have been much less non chalant about it.
At first it started randomly calling 911 and then it just stopped charging altogether.
and it typed "We are in control"? Very unlikely.
Not as unlikely as one might think. The random inputs, after unlocking the watch with a passcode, might hit the messages app if that is set up as a complication. Then something similar to we are in control is written (drawn letter by letter), which might autocorrect to what OP in TFA saw. Apple autocorrect can come up with some wild sentence constructions.
It is very unlikely