We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

  • some_guy@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    The fine folks at CitizenLab are doing such important work. I just want to call out what a net-benefit they are for us all. I can’t count how many times I see or hear their name in sec updates, sec podcasts, news stories, etc. Thank you to CitizenLab!

    • PlexSheep@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I hear only good stuff from them. I think they were featured in the last episode of darkness diaries too.

    • Mwalimu@baraza.africaOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yes. The linked article points to Apple’s release notes.

      CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School

    • SmashingSquid@notyour.rodeo
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      2
      ·
      1 year ago

      Who claims that anymore? Ever since covid there’s been tons of zero days updates. The only security benefit is not having extremely delayed updates like most android devices.

        • SmashingSquid@notyour.rodeo
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          1 year ago

          Yeah I’m an iphone person because I have no interest in side loading or any of that stuff, I just want it to work. I use it with medical devices and because of the fragmentation of android the medical device makers need to test and get approval for each phone model whereas on iOS because everything is the same OS its usually the first to get an app except for my newer insulin pump because they went with a managed android device as their included controller.

          If I were to go android I wouldn’t touch anything non google, especially after an article a few years ago I read that mentioned some OEM customizations actually adding vulnerabilities.

          • antizero99@lemmynsfw.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I haven’t side loaded anything in years. In decades past I played around with custom roms and at some point I may look into the pixel roms for my older phones.

            Aside from the usual issues that popup with any os for any device, I’ve had very few problems and none that stopped me from using my device.

            I refuse to touch apple with someone’s else pole. I like being able to install apps that aren’t from the store and I can do that without having to hack my phone.

            I equate apple to AOL. When you are new to tech apple just works but when you learn that there is more out there than apples walled garden you look at android that let’s you do so much more and has so much more choice for hardware. Not to mention cost.