Thanks for correcting me then. And I agree that there's a massive difference between the two things are radically different. Whilst the good form of hacking is no problem however, it is hard to allow it without also enabling malicious hackers.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Browser-Based iOS 9.1/9.2 Jailbreak Wins $1M Bounty, Will Be Sold for Corporate and Government Use
- Thread starter MacRumors
- Start date
- Sort by reaction score
Thanks for correcting me then. And I agree that there's a massive difference between the two things are radically different. Whilst the good form of hacking is no problem however, it is hard to allow it without also enabling malicious hackers.
Vulnerabilities != Exploits. Many are the DOS attack and those are easily fixed. It's much harder to attack OS X or Linux than it is Windows.
Windows is not secure at all, despite what lines of BS Microsoft feeds the gullible.
I don't think they said anywhere they intended to sell it for criminal activities.
You are missing the point of what this would do, as it is not an exploit that would get into your iPhone.
You would have to be the catalyst for it, as you would have to visit a website set up to perform this jailbreak on your phone.
So no, the site wouldn't be responsible for criminal activity, you would have done this to yourself by visiting the site, or allowing someone to use your iDevice to visit the site. All you have to do to prevent it is to be a human firewall.
BL.
That's it you ignore the data... and create your own dimension or reality.
The numbers are not from any vendor, they are independent of that.
Also if you looked you will see only 158 of the 335 vulnerabilities are DoS, 147 are code execution vs 24 for windows.
On OS X some of the others are 138 for overflow, 119 memory corruption. Then you have 41 bypass and 49 gain info. Windows 8.1 by contrast has 40 code exe, 9 over, 7 memory 26 bypass info 21 gain info..
Opps! So despite Apples BS... they are even worse.
Last edited:
All one needs to do is update to 9.2.2 ; problem solved. If it's one thing Apple is good at it is patching up iOS.
No system can be labeled as hack proof.
It's my understanding, or perhaps lack of, that all that is needed for someone to exploit my phone without my knowledge is to send a text to my phone; once received my phone is open to exploit by the sender.
Yes/No?
Puts me in mind of the jailbreakme.com days. Halcyon days they were, such excitement around the first iPhone.
Depends. Do you need to open the actual text?
If you do nothing to it, go into the messages app, and delete it, are you exploited?
Yes/No?
BL.
And Zerodium has every interest to keep that from happening by requiring all its customers to handle this internally as confidentially as possible, maybe using tactics like giving different customers slightly different versions (if possible) to allow them to identify who leaked things to Apple. But they are playing defence on that and that is always harder than offence in computer security.
Of course, part of the big debate here is whether the government should prioritise its own snooping capabilities over the security of its citizens, companies and in the end itself as iOS is certainly used on various government levels.
What is everyone so worried about? its a hack, not a virus. A hack requires the user to put it on the phone, a virus doesn't. I do admit that once the hack is on the phone, you're vulnerable to all types of attacks. I think history is repeating itself. There was an article previously that stated that certain jailbroken phones that had a certain app on it were left vulnerable. Nothing new here.
Well it seems that this one can install/do something while you simply visit a web site. So, while technically speaking it requires the action of you actually visiting a web site, given that plenty of sites can be hacked directly or indirectly (though some ad network script or something like that) to serve something up without you even knowing when you visit the site, it seems like it's not all that clearcut.
For the sake of completeness, jailbreaks can have different levels of severity. This one requires the target to open a text message or visit a webpage (which isn't too difficult, faking a text message from your cellular provider is easy, sure you must know which provider the target is using, in general knowing something about your target makes it easier to trick it but if you just infect enough website with your malware or send out mass texts, you can infect large numbers of people). A jailbreak that would require the target to download a file might be a bit harder to exploit (though opening an email generally already downloads the attachments). The less serious jailbreaks are those that require a physical connection to the target device (ie, you first have to infect a computer the device is synced with but then a special charger that isn't just charging can do so as well).
Which, as many people here already alluded to, hearkens back to the jailbreakme dot com days, where someone would go into an apple store, play around with the iDevices, hit up that site, and have every iDevice (except for an iMac) jailbroken. We definitely may see the next round of that.
However, this does indicate one major thing; there is an exploit in iOS 9.1 and possibly the 9.2 betas that could mean other jailbreaks will come, especially from those who are ethical.
BL.
But I still can say even those presumably good sites can be used to inject malicious jailbreak code and do something from there.
Again, nothing is secure, and we probably cannot trust anything over the Internet at all. Yes. We should break the trust. But then? I would rather guess that be another worldwide chaos.
As Mac OS X goes popular, I believe their system could become much more vulnerable than Windows now.
(Multi quotes? Wait)
Kudos for being willfully daft. If there are a million vulnerabilities but very few working attacks, is that less secure than something with 10 vulnerabilities but a million known working attacks using them?
In any case, your initial comparison makes little sense anyway, since the nature of iOS and iOS hardware makes it quite different from a security perspective than Mac OS X.
Chrome runs on webkit, just like every other iOS browser. They compromised Safari too.
I'm pretty sure ios and safari is robust enough that it will not allow things to be downloaded without user knowledge. The vulnerabilty is that once the hack is on the phone, that robustness is compromised.
edit. I'm on android, and I've been directed to phishing site that pops a fake os message asking for a yes, so thats a real issue, but ultimately, its the user that downloads the exploits.
Last edited:
No, because this is all just publicity stunt. They don't actually have the exploit.
You mean have its own bounty program? There is some risk in doing so (besides the optics that Apple might not like). Zerodium and Co. won't fold gracefully they would simply try to outbid Apple (not on every exploit, just the occasional one), meaning an Apple bounty program would generally increase prices for exploits, which in turn attracts more people.I still find it a bit amazing Apple does not participate in a bounty program.
Hubris. Pure hubris.
Maybe this is general phrase that applies to exploits for Android as well as iOS, where for Android it would be Chrome and for iOS it would be Safari.