Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
It's just disgusting how much disregard there is in this world to recognize peoples privacy. Its like a group of perverts trying to find people that would install peep cams in the bathroom at a girls dormitory. Except I think that the hacking of someones phone is much more nefarious being that someone could actually be harmed by their phone being hacked versus just a peeping tom watching you.
That's why we need to publish their addresses.
 
It may be time to put up different kind of bounty. One where people that do this **** get bounty on their heads. Kind of bounty that leads to little lead high speed projectiles that won't be stopped by the money, unless they stack it around themselves hiding behind it.
You know what, as soon as I read your response and saw the reference to bullets I thought, “American”. That was before I saw Eastern USA in your avatar.
What a shame…...
 
  • Like
Reactions: SirCheese
I remember one of the main weapons in the forum fights about of Windows and OSX was how all you had to do was visit a website and you’re infected………….
 
How is that a reasonable table of vulnerabilities? MAC OS X includes all version of OS X, so in that sense all version of Windows should be grouped together in the same manner. That would definitely change the results.

OS-chart.jpg


Or if you don't believe that one goto CVE, they show OS X having 114 for 2014, windows had 38.
2015 is showing OS X with 335!!!! vulnerabilities, where as windows have 135 server, 130 for Win8
[/QUOTE]
I think this is something to do with the level of support offered and/or whether the OS is still current. I might contact and ask them actually.
 
This is very very bad. This is going to be abused by either our government or another malicious party. For example, all one would need to do is inject the exploit in an unencrypted WiFi to gain complete control over a phone since this is a browser based hack.

You simply cannot blame them, though. Every single time someone jailbreaks iOS (currently legal, BTW), Apple jumps in and patches it so it no longer works. You can't have private software development (let's face it, some companies and governments have ZERO desire to share their plans/ideas with Apple) on a closed system. It's ironic it's legal to jailbreak, but Apple isn't legally bound to honor that legality. If Apple would just provide an open OPTION (like OS X has by telling it to allow ALL Apps to be installed even by unknown developers) for an open system or 3rd party stores, etc. (at your own risk) then this sort of thing wouldn't be necessary. Clearly there is a market for iPhones with 100% private Apps. You can't expect the government to send their top secret military Apps to Apple for approval.

The worry, of course is that someone will take advantage of this exploit to do something else, but that's Apple's fault as well. If they'd provide an official method to install software, people wouldn't have to find an exploit and then hide it to keep it useful. Of course, the problem is that Apple will just get someone on their payroll to fake a business or whatever and get the software from this company and then close the exploit and this company will be up the creek without a paddle (i.e. it would have to be unbelievably careful who they sold this to for Apple to NOT get it's hands on it). The fact they'd even publicly announce they had it is a bad move, IMO.

Someone need to publish names and home addresses of the people offering bounty, those creating exploit, and those buy it. Let's get something going here exploiting their privacy.

Speak for yourself. Some of us want jailbreaks. Frack Apple and their money grubbing closed system!
 
You simply cannot blame them, though. Every single time someone jailbreaks iOS (currently legal, BTW), Apple jumps in and patches it so it no longer works. You can't have private software development (let's face it, some companies and governments have ZERO desire to share their plans/ideas with Apple) on a closed system. It's ironic it's legal to jailbreak, but Apple isn't legally bound to honor that legality. If Apple would just provide an open OPTION (like OS X has by telling it to allow ALL Apps to be installed even by unknown developers) for an open system or 3rd party stores, etc. (at your own risk) then this sort of thing wouldn't be necessary. Clearly there is a market for iPhones with 100% private Apps. You can't expect the government to send their top secret military Apps to Apple for approval.

The worry, of course is that someone will take advantage of this exploit to do something else, but that's Apple's fault as well. If they'd provide an official method to install software, people wouldn't have to find an exploit and then hide it to keep it useful. Of course, the problem is that Apple will just get someone on their payroll to fake a business or whatever and get the software from this company and then close the exploit and this company will be up the creek without a paddle (i.e. it would have to be unbelievably careful who they sold this to for Apple to NOT get it's hands on it). The fact they'd even publicly announce they had it is a bad move, IMO.



Speak for yourself. Some of us want jailbreaks. Frack Apple and their money grubbing closed system!
Was waiting to see how long before these low life's claim it's apples fault. Just re-confirms what I said, let's get the names and addresses of these scumbaggs. Don't like Apple don't use the products. Speaking for myself. Some of us don't want jailbreaks. Especially hacker ones.
 
My first thought around this was to think through the business plan. How much money do they need to put up, what are their expenses, earnings, and revenue.

My second thought is this is completely immoral. They specified a situation where they could exploit someone easily, without their knowledge, and against their will. They are not delivering the "solution" to Apple so they can fix it. Instead, they are selling it to shady companies (including government agencies through shell companies), so that it can be used to hurt and exploit people.

In my day, hackers did release viruses. But they didn't do it to make money, or worse, to steal yours. They did it because it was a puzzle to solve, and clearly showed they knew what they were doing. These days, "hackers" are criminals. People who do their best to get a ten-year old to click on a link so they can gain access to the computer and steal identity information about the family that owns it. That isn't hacking. That's creepy as all hell, and needs to be stopped.

Shame on this company, and shame on our government for not going after them. I find it impossible to believe that they couldn't find some law to apply to this, even if it is an old law that deals with the interception of telegraphs.

Very bad. The only good thing? This crap is making companies that care, like Apple, increase their security. They were doing that anyway, but yay. I guess.
 
So if they sell this jailbreak to users someone from Apple pays up, does the jailbreak through the website and captures how it works, then patches it. Don't expect it to be long lived.
 
well, at least they *all* are vulnerable....

I gotta hand it to hackers,,, they can now get Jailbreaks done even before public release.... :D

Looking at the table, maybe a coincidence though apart from vista they have the exact same counts, suggesting these vulnerablilties Apply to all supported versions . id you added up the windows ones together you would be counting the same vulnerability multiple times.

Either way, what the table shows, we are all scr*wd , every OS has vulnerabilities. If any of those columns has more than 1 in to ,be concerned
 
So if they sell this jailbreak to users someone from Apple pays up, does the jailbreak through the website and captures how it works, then patches it. Don't expect it to be long lived.

By the time these stories hit the media, the damage has already been done, and Apple probably working on a patch. Now it's just publicity for next time around .
 
My first thought around this was to think through the business plan. How much money do they need to put up, what are their expenses, earnings, and revenue.

My second thought is this is completely immoral. They specified a situation where they could exploit someone easily, without their knowledge, and against their will. They are not delivering the "solution" to Apple so they can fix it. Instead, they are selling it to shady companies (including government agencies through shell companies), so that it can be used to hurt and exploit people.

In my day, hackers did release viruses. But they didn't do it to make money, or worse, to steal yours. They did it because it was a puzzle to solve, and clearly showed they knew what they were doing. These days, "hackers" are criminals. People who do their best to get a ten-year old to click on a link so they can gain access to the computer and steal identity information about the family that owns it. That isn't hacking. That's creepy as all hell, and needs to be stopped.

Shame on this company, and shame on our government for not going after them. I find it impossible to believe that they couldn't find some law to apply to this, even if it is an old law that deals with the interception of telegraphs.

Very bad. The only good thing? This crap is making companies that care, like Apple, increase their security. They were doing that anyway, but yay. I guess.
Govermment going after them? Please, they're one of the main buyers.
 
This is very very bad. This is going to be abused by either our government or another malicious party. For example, all one would need to do is inject the exploit in an unencrypted WiFi to gain complete control over a phone since this is a browser based hack.

It's bad but not unexpected that it should surface, given the bounty. There are very likely more iOS "zero-days" out there being traded for money and has been for a long time.
 
  • Like
Reactions: locoboi187
holy crap that's crazy......

"one hacking team" = NSA

Worse, the NSA are probably among the customers.

How vulnerable do you feel, knowing that any website you visit could potentially be jailbreaking your phone behind the scenes installing wiretaps and uploading your message history.

This is the idyllic future which the security services have spelled out for us. You won't be allowed to encrypt anything which can't be read by a public agency (outlawing absolute privacy) and they'll have a catalogue of exploits which are making Americans targets but won't try to stop it; they join in and participate in torturing the constitution.

Welcome to the bizarro world.
 
Kudos for being willfully daft. If there are a million vulnerabilities but very few working attacks, is that less secure than something with 10 vulnerabilities but a million known working attacks using them?

In any case, your initial comparison makes little sense anyway, since the nature of iOS and iOS hardware makes it quite different from a security perspective than Mac OS X.

That;s it keep changing reality.. 10 vs 1 10 always going to be worse regardless so lets not pretend and re-invent the fact apple has security issues despite the fanboy mentality..!!
 
Worse, the NSA are probably among the customers.

How vulnerable do you feel, knowing that any website you visit could potentially be jailbreaking your phone behind the scenes installing wiretaps and uploading your message history.

This is the idyllic future which the security services have spelled out for us. You won't be allowed to encrypt anything which can't be read by a public agency (outlawing absolute privacy) and they'll have a catalogue of exploits which are making Americans targets but won't try to stop it; they join in and participate in torturing the constitution.

Welcome to the bizarro world.

finding the exploit is the hard part , getting it onto main commercial sites, a lot easier.
 
  • Like
Reactions: steviewhy
Hummm.... since Apple is trying to court businesses, seems they should just provide an open version of iOS to large corporate customers who need additional control. :) Seems reasonable... but I could understand why Apple would not want this either — then you start having tons of unsupported versions out there.
 
Don't understand why people are getting in a tizwoz over this, you've been apple to jailbreak and install unsigned apps through the browser on iOS devices on many previous iOS incarnations o_O
 
Don't understand why people are getting in a tizwoz over this, you've been apple to jailbreak and install unsigned apps through the browser on iOS devices on many previous iOS incarnations o_O
Yes but wasn't that the decision of the device owner? Now we are talking about a way for someone else to remotely jailbreak your device and take control. That someone likely being the government or a corporation trying to data mine the hell out of you.

This is depressing news. Especially how it came about. Especially because it apparently all is legal. Because our government can't be made to recognize that its citizens should have the same right to privacy and security from unwarranted searches on our electronic devices for our personal information as we do in our homes.

If we were talking about data kept in physical filing cabinets, we'd have protection under the law from people physically breaking in and reading or stealing it, thanks to our founding fathers securing that for us in the era of quill and parchment. But the same information kept in electronic form is not considered equally sacred because our lawmakers and all those unchecked executive orders won't extend the legal protections in modern times because our government wants that info. And even begrudges us the files in our filing cabinets and would take that if they could, too.
 
Yes but wasn't that the decision of the device owner? Now we are talking about a way for someone else to remotely jailbreak your device and take control. That someone likely being the government or a corporation trying to data mine the hell out of you.

This is depressing news. Especially how it came about. Especially because it apparently all is legal. Because our government can't be made to recognize that its citizens should have the same right to privacy and security from unwarranted searches on our electronic devices for our personal information as we do in our homes.

If we were talking about data kept in physical filing cabinets, we'd have protection under the law from people physically breaking in and reading or stealing it, thanks to our founding fathers securing that for us in the era of quill and parchment. But the same information kept in electronic form is not considered equally sacred because our lawmakers and all those unchecked executive orders won't extend the legal protections in modern times because our government wants that info. And even begrudges us the files in our filing cabinets and would take that if they could, too.

Ah I missed that it had been switched round like that.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.