this post was submitted on 27 Dec 2023
356 points (98.9% liked)

Technology

57455 readers
4588 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
356
Kaspersky/Securelist researchers detail zero-click iPhone exploit involving four distinct zero-day vulnerabilities, including undocumented hardware features in iPhone chips (securelist.com)
submitted 7 months ago by [email protected] to c/[email protected]
23 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (2 children)

Makes me laugh because of how cultishly people claim iphone is secur, yet we keep hearing how susceptible it really is to attacks. There is a real disconnect there.

I would feel foolish making these claims, and paying more for a device that's only real achievement is a walled garden.

[–] [email protected] 28 points 7 months ago (2 children)

This is kind of a ridiculous take. I hate iPhones, but this is not a "hurr durr iPhones bad and insecure" moment. I implore you to look at the sophistication of this attack. The attack chain is so ridiculously long and complex, and only because of the security of the iPhone. This is not a script kiddie attack, and could only be executed by a very determined party.

No device is secure, and any and all computers could potentially fall victim to an attack like this, but it is absolutely ignorant to say that iPhones don't offer any more security than other devices.

[–] [email protected] 6 points 7 months ago (1 children)

FYI: I don’t think you’re replying to someone acting in good faith.

[–] [email protected] 0 points 7 months ago

That's called projection.

[–] [email protected] 5 points 7 months ago* (last edited 7 months ago) (1 children)

Yeah absolutely. This line from the article summs it up pretty well... ""What we do know—and what this vulnerability demonstrates—is that advanced hardware-based protections are useless in the face of a sophisticated attacker as long as there are hardware features that can bypass those protections.""

Edit: We also have no idea how many zero days there are in Android, either. 🤷‍♂️ But at least it's a bit more open source than iOS 😂

[–] [email protected] 4 points 7 months ago* (last edited 7 months ago)

Yeah. The moral is "every and all devices have an unknown number of zero-days inactive or actively being exploited at any given time", not "iPhone is just as insecure as everything else". There's a difference, and credit is deserved where it's due.