Trust store version 2024013100

I can’t identify it, but would also like answers from someone who can. My OS is up to date, but it doesn’t match the number that Apple provides on this website when you click the link “Learn more about trusted certificates” on an Apple device in Settings. They say “This article lists the certificates for Trust Store version 2023071300, which is current for iOS 17, iPadOS 17, macOS 14, tvOS 17, and watchOS 10 and later.” I’m curious about the discrepancy between these two numbers.

The url where I got the quote is: https://support.apple.com/en-us/105116

I just discovered that I have the same version. And I also just discovered that my husband has put a MDM on my phone without me knowing!

RegularGal17 wrote:

Having same issue, among many others, including (but not limited to) having Enterprise MDM installed, developer software, etc. Haven’t been able to get any help anywhere (DHHS, FBI, FTC, FCC, etc) and as a health care provider, I have protected health info on my device!

If you’re a covered entity or business associate, you’ll want to discuss your concerns with your organization’s IT InfoSec organization, and with your organization’s legal services. Nobody replying to this around here is likely part of your InfoSec, or is part of your legal representative.

Otherwise, “If an entity does not meet the definition of a covered entity or business associate, it does not have to comply with the HIPAA Rules.” That means that data is yours to protect as you see fit, absent other commitments between you and others, or other applicable non-HIPAA regulations.

The trust store was updated back in January (on the 31st of course, as is indicated in the version), and as has been typical in recent years, the Apple documentation has lagged.

The article that’ll likely eventually be updated is this one:

Available trusted root certificates for Apple operating systems - Apple Support

Others have logged feedback about that missing article, and y’all are welcome to add your comments to that article. Tap “no” next to “helpful?” at the bottom of the linked Apple article, and fill in the feedback text box.

ooohlalabee wrote:

So who CAN help ?!!

This thread is about Trust Store, and that’s a fundamental part of iOS, distributed authentication, and secure networking. Most any modern computing platform has an equivalent trust store, as well.

An iPhone that has actually been exploited is far beyond the assistance that can be offered around here.

Not past what has been suggested in many previous replies (factory reset, unique and robust passwords, security keys, maybe lockdown, etc), and for cases detected by Apple in Apple Support articles including: About Apple threat notifications and protecting against mercenary spyware - Apple Support

Nobody here has the access to rummage through what you’re reporting either, and to identify and to differentiate what are unfortunately utterly normal and mundane activities which can include Cloudflare IP addresses (that is probably iCloud Private Relay usage, for instance) and the endemic commercial surveillance, and what evidence might or would indicate a compromise.

As for “peace of mind”, that’s a difficult proposition to achieve. At best. No one can prove a negative; that a device was not or is not or cannot be exploited. Not to the satisfaction of most folks posting in these threads. And for all any of us can know, you might be a valuable target to some exceedingly well-funded adversary—the sorts of individual exploits used here are worth millions of dollars, and are targeted; not deployed with profligacy.

Dmgator wrote:

Same here! They tell me it's impossible and I'm basically crazy. Many vulnerabilities they do not want broadcast.

This thread is about the Trust Store, and that’s a fundamental part of iOS, distributed authentication, and secure networking. Most any modern computing platform has an equivalent trust store, as well.

An iPhone that has actually been exploited is far beyond the assistance that can be offered around here.

Not past what has been suggested in many previous replies around the community (factory reset, unique and robust passwords, security keys, maybe lockdown mode, etc), and for cases detected by Apple in Apple Support articles including: About Apple threat notifications and protecting against mercenary spyware - Apple Support

Nobody here has the access to rummage through your device, nor through the device-security-relevant parts of your life.

No one can prove a device was not or is not or cannot be exploited. Not to the satisfaction of most folks posting in these threads. And for all any of us can know, you might be a valuable target to some exceedingly well-funded adversary—the sorts of individual exploits used here are worth millions of dollars (each), and based in all available evidence are targeted; are not utilized and not deployed widely.

As for broadcasting vulnerabilities, neither Apple nor security researchers are inclined to provide details of vulnerabilities that might then lead to cause widespread exploitation of an existing vulnerability, pending remediation.

Having same issue, among many others, including (but not limited to) having Enterprise MDM installed, developer software, etc. Haven’t been able to get any help anywhere (DHHS, FBI, FTC, FCC, etc) and as a health care provider, I have protected health info on my device!

Isosceles_ wrote:

Please provide links to the feedback that others have logged about the missing apple.com article. This thread is the only search result I’ve been able to find thus far about Trust Store Version 2024013100.

Apple doesn’t publish directly-provided user feedback. I’ve previously logged feedback around this, and I’ve seen the same stale-article case arise over the years, too. There are previous trust store discussions mentioning both that article and this same situation, too. Which should be enough keywords for your search.

If you want to log your own feedback, that would be this: “Others have logged feedback about that missing article, and y’all are welcome to add your comments to that article. Tap “no” next to “helpful?” at the bottom of the linked Apple article, and fill in the feedback text box.”

No malware and no hacker would be 🤡 enough to intentionally change the trust store version number, and if any malware has write access to iOS (which would inherently be involved in adding or removing trust store contents), there are better targets for modifications. If it were not a legitimate change, that difference would be a 🚩.

If y’all believe you might be or are the target of the sort of malware that could make changes to iOS itself including changes to the trust store and its displayed version, y’all are also far outside the scope of what anybody here can help with.

I also have this!! I have been dealing with my devices being compromised & mirroring to a PC & I know it’s on a MDM but bc it’s not listed under VPN & device management, they say it’s not. But I have found it’s hooked to a pc that has it on. I also found that my IP address says I’m on a cloud flare Enterprise/Corporate web hosting!! This is my personal phone!! Never have I ever had a business phone. How do I remove this?! Or trace it back to whoever did this ?! I have my suspicions but would love solid proof, as this has devastated so many aspects of my life. But peace of mind mostly, having no privacy. Having them in my surveillance cameras etc! 😫 How do I stop screen mirroring as well?!i

its almost like they’ve recreated my entire settings app bc I’m missing certain settings- no pasteboard at all!!!

I’ve even found a video of my keystrokes being recorded with a quick time video in my iPhone messages storage !!

I can go on & on! Sure I can factory reset but they’ve used DT to manipulate the code in all my apps as well. All my email accounts are intercepted & sent as phishing emails & any time i contact any company for support, I get a reply from “zendesk” support & get no help! HELP!!

Also, is anyone familiar with

So who CAN help ?!!

Please provide links to the feedback that others have logged about the missing apple.com article. This thread is the only search result I’ve been able to find thus far about Trust Store Version 2024013100.

I too have this cert. So nobody has an explanation of where it came from and the legitimacy of the cert?

I can tell you I’m 100% hacked rn. Saw my mic running in top left corner and my cam light randomly comes on. Also yesterday the hacker jammed up my “find” app toggle by graying it out. I had no choice but to restore factory settings and use an old backup. I’m pretty sure he did it via LTE which is scary. My 2 PC’s also are hacked.

I literally have tried everything and the antivirus and malware apps are worthless for these exploits. The guy is very good, super relentless, dedicated, calculating, fast, and I’d wager to say the FBI is already looking for him. I’ve spent tons of hours trying to figure it out. Pretty sure system32 folder is where it’s at in my PC’s.

I slso stumbled across a bunch of codes that tell me things about my phone that I never knew. This guy had my unanswered calls forwarded to a Miami (305) number and when I called it’s a voicemail. I was able to change his unprotected vm password to a 4 digit pass yesterday and no messages were left.

I’ve switched out my xfinity xfi router and have reset my network 5 times in 4 days to no avail. I went out and procured the top rated antivirus and malware apps) mostly trials and not one of them found my problems.

I took my phone offsite last night and restored. After he restricted my control over the find my app and another app Game Center uses I lost hope until I remembered about the DFU mode. I could restore bf that as iTunes and iCloud would say turn on the find my app and try resetting again.

So, after all this the dude is back. If you want to check out the codes to dial, search on web “2024 best iPhone codes” and it should intrigue you.

So I think he’s using a server, socket, c and remote (not MS remote) in my PC’s. I’ve gone into services on win 10 and zapped a bunch of running services and got his attention bc he would shut me down of the settings, firewall, start button, and anything else. He made my admin status look like a joke on my own PC’s. I’ve been recording hrs and hrs of footage on my PC’s and naturally he messed up a couple times. I bet both my arms Im in a spot where nothing can help me at this juncture until the mouse gets the cat. That’s my .02. It’s obvious he like lawnmower man and sitting pretty in side my network somewhere

TL;DR - I’ve been hacked and believe there’s nothing yet that can combat these exploits and it’s so frustrating!!!

Same here! They tell me it's impossible and I'm basically crazy. Many vulnerabilities they do not want broadcast.