I’m kind of surprised that Apple doesn’t encrypt keystrokes between its keyboards and the host machine, given than they have the capability to enable the keyboard to authenticate the host using PKI.

Maybe this is on their todo list.

So we can’t use third party keyboards with Apple devices? No thanks.

That’s...not what parent typed. Use whatever keyboard you like, but you’ll only get E2EE with an Apple keyboard.

The cable claims that it's a random 3rd party keyboard when it talks to the Mac, the cable claims it's a random non Apple device when it talks to the keyboard, the keyboard falls back to non-encrypted mode as it's not on a product that supports it.

Man in the middle is hard to prevent when you need to be compatible with incredibly broken insecure legacy protocols.

Apple could maybe go the route that all new Apple keyboards only work with new Macs and iOS devices, but that would mean that they can't work with any existing Apple hardware or third party systems.

I guess the MITM attack could be mitigated in the OS by showing an "encrypted keyboard connection" UI indicator of sorts. Assuming the MITM hardware doesn't exploit a vulnerability in the OS to incorrectly show that indicator. ;)

And does Apple care? Unlikely… Preventing MITM cable hacks is not a common use case.

You kind of get that with Bluetooth keyboards.

The boot rom of iPhone 8 and older have a publicly known exploit. If you plugged your phone in to charge, and then it spontaneously rebooted, how much forensic digging could you actually do?

How much are you willing to bet that there's not a private exploit against newer iPhones? Not in terms of dollars, but in terms of private data that Apple's iPhone that you're renting from them has access to.

These are more general purpose than just those attacks, the author of the firmware has demo videos of cables attached to Android and iOS devices that when the payload runs they open the system browser and loads a specific page. Depending on what you can do with a web page at any given time on those devices it could be a springboard.

You could also do some passive/active data gathering. On Windows when you plug in an iOS device, if the device trusts the computer it will allow it to access all the photos and videos on the device. The cable it self could then start grabbing those images and sending them over the WiFi link. I don't know if these cables support that, but the concept is valid.