lol, what are you talking about? That's not what stingray devices do. They're man-in-the-middle fake cell towers that capture transmitted keys, try to boost radio transmission power and request frequency for triangulation, and pretend secure protocols aren't working to hope for less-secure fallback transmission protocols. They don't reach in, decrypt your phone, and transmit your storage or active RAM contents, let alone things like the lockscreen passcode.I find this quite wrong and childishly.
You seem to forget or not know that once any phone connects to a couple of hundred $ stingray, it communicates with it fully decrypted, therefore a simple 300$ stingray used by police can gain access to all data in the phone, even passwords, lockscreen pass code etc
.... IOs is not that secure as you might think. Nothing is in fact. Just marketing.
Not true. The iCloud activation lock can be bypassed. Devices can be stolen and restored as new now.This is a bootrom exploit. It can only be exploited when the device is in DFU recovery mode and will not affect the security of devices being used normally.
This is really the best kind of jailbreak exploit because only the people who really want to go out of their way to jailbreak can use it. Regular users are safe; all it means is that people can do whatever they like with these devices they own now.
Jailbreak 2019 Hackers: "HAhahahahaha! We did it! Checkmate!"
Apple at WWDC 2020: "We are releasing a brand new bootROM for MacOS/iOS/WatchOS/TVOS."
Apple wouldn't pay for this. It has already been patched in the newer chips, I agree people like this are the ones you want to hire but they already knew of the flaw or it wouldn't be patched in current chips.Apple should send him a nice hefty offer. These are the people you want on your team.
They can bypass the lock however they can't remove the lock. As soon as the phone hits cellular or internet the lock would be detected. This does let people bypass the lock though and pull any information on the phone off though. There was already a way to pull information off a locked phone previously but this sounds like an easier method.And how it will be with icloud locked phones? If my get stolen will it be safe or anyone can reinstall it with this hack and bypass icloud lock?
I’m sure people have their reasons. Themes, illegal downloads, and all sorts of little tweaks and customizations. But I agree there is little to no reason for majority of people.
That was never the case even when it was more popular. I had work performed even jail broken. Genius Bar brought it up also.All the cool kids violate their warranty. Didn't you know?
I find this quite wrong and childishly.
You seem to forget or not know that once any phone connects to a couple of hundred $ stingray, it communicates with it fully decrypted, therefore a simple 300$ stingray used by police can gain access to all data in the phone, even passwords, lockscreen pass code etc
.... IOs is not that secure as you might think. Nothing is in fact. Just marketing.
I find this quite wrong and childishly.
You seem to forget or not know that once any phone connects to a couple of hundred $ stingray, it communicates with it fully decrypted, therefore a simple 300$ stingray used by police can gain access to all data in the phone, even passwords, lockscreen pass code etc
.... IOs is not that secure as you might think. Nothing is in fact. Just marketing.
You're missing the point. They don't need to decrypt anything as they already have acces with handshake encryption key from the device itself. It's like when you do TeamViewer. Dooh!lol, what are you talking about? That's not what stingray devices do. They're man-in-the-middle fake cell towers that capture transmitted keys, try to boost radio transmission power and request frequency for triangulation, and pretend secure protocols aren't working to hope for less-secure fallback transmission protocols. They don't reach in, decrypt your phone, and transmit your storage or active RAM contents, let alone things like the lockscreen passcode.
You're missing the point. They don't need to decrypt anything as they already have acces with handshake encryption key from the device itself. It's like when you do TeamViewer. Dooh!
On top of that they get storage, keylogger and even root acces through your sim provider, which also has root acces and your device encryption key handshake. Research it.
All the cool kids violate their warranty. Didn't you know?
I haven't been jailbroken since the 3G, what's the big draw of a jailbreak now a days?
I'm suggesting every single sim out there has encryption handshake with the device and based on that handshake it has access to everything. Sensors, microphone, storage, apps, root etc. Imagine whatsapp which is encrypted. Let's say you're on T-Mobile. From T-Mobile back office they cannot decrypt your conversation, but they can read it from your device. Like they see through your eyes. So they're using your device. But remember they have root acces. Sim toolkit, carrier apps rings a bell? The can remote connect to your device and acces anything . Of course this is a feature required by government and only it have access, not even T-Mobile. But when a stingray gets between... It literally has handshake.Most data from apps is probably going over HTTPS via TLS sent over the internet, which stringray devices aren't going to spoof decryption keys for... only the remote server has the decryption key. Stingray devices would be able to decrypt the traffic from iPhone cell radio to the cell station, but the data inside is still encrypted via TLS, unless the app is sending in the clear. The radio isn't going to be a route to installing keyloggers or storage read-and-transmit via connections to a cell tower unless something is seriously wrong with your phone, or you're going down the rabbit hole that Apple is complicit in allowing these back doors. Phones don't transmit their core data or rendered display without apps being the conduit. Are you suggesting the cell radio comes with rootkit software, or have injection vulnerabilities to rootkit via cell traffic? I mean, sure, someone could build that, but it would be a massive security hole.
If I'm not mistaken, it means you don't want to let your phone out of your sight if you do anything of value on it, such as for corporate secrets, or state secrets, or anything which makes you a high value target. A person who can "borrow" your phone for a few hours can theoretically own it.I’m sure people have their reasons. Themes, illegal downloads, and all sorts of little tweaks and customizations. But I agree there is little to no reason for majority of people.
Yes, did they find it and fix it, or fix it ‘accidentally’. No way of knowing I suppose.So did Apple know about this and patch the vulnerability in the Xs?