Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases iOS 9.3.5 With Fix for Three Critical Vulnerabilities Exploited by Hacking Group
- Thread starter MacRumors
- Start date
- Sort by reaction score
Yup! Some pretty serious stuff.
http://www.seattletimes.com/business/apple-boosts-iphone-security-after-mideast-spyware-discovery/
Actually people dont expect if from Android. They DO expect updates from Apple because they actually make and send out updates regularly. Thats a good thing. Not sure how several here seem to think its bad.
Last edited:
10 minutes, dang man you have a slow wifi network or something. Took me under four minutes and that's with a save before and after to iCloud.
Haha, you don't have anything as an "innovative" feature than what already exists on Android and may just be a personal preference thing?
Yup... remote jailbreak
https://motherboard.vice.com/read/government-hackers-iphone-hacking-jailbreak-nso-group
https://motherboard.vice.com/read/government-hackers-iphone-hacking-jailbreak-nso-group
>> The exploit was initially discovered on August 11 after human rights defender Ahmed Mansoor received a suspicious link and sent it to Citizen Lab and Lookout. <<
This is awesome. This was foiled because a guy forwarded the suspicious link to the exploits to these sites who analyzed and passed them on to Apple.
Good to see Apple closing these holes quickly. Wish the rest of the smartphone world could enjoy security updates going widespread so quickly for their platform, but they can't for the most part.
This is awesome. This was foiled because a guy forwarded the suspicious link to the exploits to these sites who analyzed and passed them on to Apple.
Good to see Apple closing these holes quickly. Wish the rest of the smartphone world could enjoy security updates going widespread so quickly for their platform, but they can't for the most part.
This was certainly a bug. Both the IOMobileFrameBuffer fix from 9.3.4 and these new fixes in 9.3.5 are in essence bug fixes. They are not user-visible bugs, rather they are programmatic bugs that allow a program to take control of your system by running a specially crafted piece of code. I guarantee you there are plenty more of those in iOS 10 that are still unknown. It is very very difficult to get rid of all such vulnerabilities.
Security updates are not part of the road map, so mostly unplanned.
The "reassuring" thing is that they're equally hard to find for the bad guys (that's why Apple haven't found them either).
Most bugs that can lead to exploits undoubtedly have not been found, some like this one may have been in the code for 2-3 years before someone actually found out about it and used it. The thing is you can't ever assume they won't be found, some will.
Some bugs can linger for a decade before eventually someone finding them and exploiting them alone, or more often in conjunction with other vulnerabilities. Most jailbreaks rely on a whole ensemble of bugs to work.
You can mitigate some of this by better coding, software dev practices and by designing OS and system software in layers were you would need to compromise a whole chain of protection (and not just one thing) to get access. This bug is seemingly bad enough to bypass all those layers, so it is a severe one indeed and that's why Apple couldn't wait to fix it.
You have to disable Find My iPhone to update the re-enable it after, and you're logged out of iCloud then back in. When you log in again, it asks for all your iCloud settings and performs some kind of setup. It's happened to me on different phones every time, so I don't think it's a glitch. But during this post-update iCloud setup, I've had glitches ruin things for me.
Hmm...
My iPad Air 2 updated absolutely fine OTA.
However, my iPhone 5 is struggling when connected to my iMac (the way I've always updated my iPhone).
It starts of ok but at around 350mb I get the following message:
I've tried 3 times already.
Maybe I'll try again tomorrow morning...
My iPad Air 2 updated absolutely fine OTA.
However, my iPhone 5 is struggling when connected to my iMac (the way I've always updated my iPhone).
It starts of ok but at around 350mb I get the following message:
I've tried 3 times already.
Maybe I'll try again tomorrow morning...
Some jailbreaks can be performed on your phone without your knowledge or consent*, and then your phone is open to attack, so they really have to patch those. Even the ones that can't can be a stepping stone for some other kind of attack.
* Some older versions of iOS could be jailbroken through buffer overrun vulnerabilities in Safari's image renderer, triggered just by visiting a webpage.
At the time of my post the details of the update were quite vague, but I agree with you nonetheless.
Write an entire operating system and let us know how that goes for you.
That's why we pay Apple a premium for their products BUT as is often said -
"software engineers are a dime a dozen and I wouldn't give you any dime for any dozen"
I never had to disable Find My IPhone to update. It was on when I updated and is still on after.
I typically close everything, then reboot iPhone or iPad, backup to iCloud, then update, and after restart backup again to iCloud. I never once had a problem. Don't understand what all the fuss is about. My Apple extreme is running at over 400Mbps and my internet speed is over 125Mbps on my home network. Everything is fast and works great.