Purple, a new iPhone repair tool, is not a jailbreak. It’s not a critical security flaw. When you run it on an iPhone, your screen turns a solid color, maybe. Using it any further requires a Mac and an obscure cable.
But Purple has real potential.
iPhone board repair is intensive, delicate work, involving soldering tiny chips and components under a microscope. Purple, according to one board repair expert, could eliminate the need to remove and replace the iPhone’s main storage chip when fixing filesystem errors or trying to replace some other chip. Instead, Purple reprograms the storage chip directly on the phone, potentially saving a desolder/resolder job.
Because it’s only been around a couple months, and cannot be patched out by Apple, there’s a chance more powerful uses for Purple may be uncovered. And it works on iPhones 4s through X—the vast majority of phones that might need logic board components.
“For some jobs, it could save you 20-30 minutes,” said Justin Ashford, repair tech and host of the Art of Repair YouTube channel. “Know what the average board repair job is? 20-30 minutes. That’s one more job they can do. That’s worth a lot. And that’s just what we know now.”
Purple is the work of Giulio Zompetti, a repair tech, security researcher, and avid collector and researcher of iOS prototypes and internal tools. The app utilizes the checkm8 bootrom exploit to load a diagnostic tool into the iPhone’s memory. That tool, referred to as “Purple Mode” or “PurpleRestore” (due to the color some iPhone screens display with the tool loaded), allows you to edit otherwise inaccessible hardware-level system configuration files.
That’s important in board repair. An iPhone will reject certain replacement chips if their serial numbers do not match what the config files expect. Without editing access, repair techs must turn to “bed of nails” programmers. Using a programmer requires de-soldering and removing the phone’s storage chip (NAND), placing it in the socket press, then unbinding and replacing the serial numbers for each replaced component. That process is tedious and painstaking. Now there’s a tool to do this in software and skip the physical reprogramming, at least for some repairs.
So far, Ashford and Zompetti have seen Purple rewrite the serial number for a Wi-Fi chip. Mark Shaffer, lead microsoldering technician at iPad Rehab, noted that Wi-Fi chip replacement, while a known problem with the iPhone 7, isn’t a common job. Serial number binding isn’t necessary for some common chips, including power management and charging controllers. And you still need to solder most of the components with serial numbers that Purple can edit.
But Zompetti believes more discoveries will come as people spend time with Apple’s not-quite-secret diagnostic tool. He sees his Purple app allowing for testing cameras, displays, and other phone components. It could let DIY types fix their own NAND issues, if they involve corruption or partitions instead of hardware faults.
All this could be done, Zompetti hopes, by someone with a serial programming cable, a Mac terminal, and a mind for repair. At the least, it might save some repair techs from having to buy different programmers for each generation of NAND storage, at a cost of hundreds of dollars each. Ashford notes in a chat with Zompetti that a new generation of NAND-programming “DFU boxes” (possibly based on the same tech as Purple) has already been supplanted by Purple.
“I’m a really lazy person, I search for the easiest way of doing things,” Zompetti said. “That’s why the app is a single button. I put together all the things I learned, the low-level stuff, together for myself, into a one-click solution.”
It’s important to note that Purple, and the checkm8 exploit it utilizes, are not major security vulnerabilities. Using checkm8, and then Purple, requires an iPhone be in DFU Mode. DFU Mode requires holding a button combination on the phone, and that the phone be connected by cable to a computer. Checkm8 is also not persistent—after rebooting your phone, the exploit is rejected and no longer present. This one-time, physical-presence-required exploit can’t get at an iPhone’s encrypted user data, and is an extremely unlikely vector for malware.
“I don’t personally see a clear security challenge here,” wrote Will Strafach, founder and CEO of iOS firewall Guardian and a former jailbreaker, in an email. “It’s simply changing the area of flash memory on the device (normally protected) which stores such hardware information. … [I] can’t think of a clear malicious/dangerous use, and again you need the physical possession of the device.”
It’s also worth noting that checkm8, and therefore Purple, are distinct from jailbreaks, which load altered operating system code onto an iPhone. Apple can patch out jailbreak vulnerabilities, but checkm8 exploits the first code the phone executes, built directly into hardware chips.
Zompetti said he plans to keep Purple “lite” free for people who want to tinker. A “pro” version, with a graphical interface and more help with editing config files, may soon follow. The app was born out of Zompetti’s curiosity as to why NAND programmers seemed to have iPhone motherboards jammed inside them—it implied that the iPhone was capable, with a nudge, of editing its own files, he told Ashford in their YouTube chat.
Even if Purple only ends up saving some repair techs a couple of soldering tasks for a few jobs, and lowering the bar a bit for entry into the field, it’s worth it, Ashford said. Every time you can avoid putting heat on a board, Ashford said, you avoid risk, no matter how good you get at microsoldering.
Purple also shows once again that Apple’s security vulnerabilities are actually a boon to repair, security, and longevity. Apple has tools that could make it easier for its devices to get fixed at a deeper level than the company offers. It just takes an epic bootrom exploit, and an Italian enthusiast, to bring them out.