BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild (citizenlab.ca)
from mwalimu@baraza.africa to technology@lemmy.world on 07 Sep 2023 20:42
https://baraza.africa/post/501119

We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

#technology

threaded - newest

redditReallySucks@lemmy.dbzer0.com on 07 Sep 2023 21:49 next collapse

“iPhones don’t have malware”

SmashingSquid@notyour.rodeo on 07 Sep 2023 23:46 next collapse

Who claims that anymore? Ever since covid there’s been tons of zero days updates. The only security benefit is not having extremely delayed updates like most android devices.

antizero99@lemmynsfw.com on 08 Sep 2023 01:56 next collapse

Which is why I roll pixel and before that nexus.

SmashingSquid@notyour.rodeo on 08 Sep 2023 13:17 collapse

Yeah I’m an iphone person because I have no interest in side loading or any of that stuff, I just want it to work. I use it with medical devices and because of the fragmentation of android the medical device makers need to test and get approval for each phone model whereas on iOS because everything is the same OS its usually the first to get an app except for my newer insulin pump because they went with a managed android device as their included controller.

If I were to go android I wouldn’t touch anything non google, especially after an article a few years ago I read that mentioned some OEM customizations actually adding vulnerabilities.

antizero99@lemmynsfw.com on 08 Sep 2023 15:26 collapse

I haven’t side loaded anything in years. In decades past I played around with custom roms and at some point I may look into the pixel roms for my older phones.

Aside from the usual issues that popup with any os for any device, I’ve had very few problems and none that stopped me from using my device.

I refuse to touch apple with someone’s else pole. I like being able to install apps that aren’t from the store and I can do that without having to hack my phone.

I equate apple to AOL. When you are new to tech apple just works but when you learn that there is more out there than apples walled garden you look at android that let’s you do so much more and has so much more choice for hardware. Not to mention cost.

bobman@unilem.org on 08 Sep 2023 04:04 collapse

Lots of people think iphones are secure.

HeartyBeast@kbin.social on 07 Sep 2023 23:56 collapse

I think you dropped your straw man

sebinspace@lemmy.world on 08 Sep 2023 15:38 next collapse

Must be what the 16.6.1 update was for last night

mwalimu@baraza.africa on 08 Sep 2023 19:39 collapse

Yes. The linked article points to Apple’s release notes.

CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School

some_guy@lemmy.sdf.org on 08 Sep 2023 16:27 collapse

The fine folks at CitizenLab are doing such important work. I just want to call out what a net-benefit they are for us all. I can’t count how many times I see or hear their name in sec updates, sec podcasts, news stories, etc. Thank you to CitizenLab!

PlexSheep@feddit.de on 08 Sep 2023 20:36 collapse

I hear only good stuff from them. I think they were featured in the last episode of darkness diaries too.