My read of this is it's a 0day only because he disclosed it before Apple fixed it. His assumption was that Apple would fix it in the very next version, but this is not guaranteed. Apple doesn't drop everything to get a security fix in, though maybe they should be more willing to. My own security fix (before the bounties, sadly) came out in the 10.5.2* release — the 10.5.1 was for the very worst of emergencies introduced by the 10.5 release.

Apple doesn't credit anyone until the fix is fully released on all versions they support. His credit and prize were probably waiting on the release of 15.1. The fix was just never going to be included in 15.0, because it was a massive project and needed to be shipped.

*-I don't actually remember anymore if it was 10.5. I had a couple security issues fixed, but the only one I remember any details about was with Time Machine. The other one was much more insidious. And yes, I got credit for both.
 
Apple’s stance has always been “without us, you are nothing” to devs
Wow. Not at all. They reached out to us immediately and provided help with a UI review and some other minor points. Nothing truly significant, I think they didn't really understand how familiar we were with Apple technology and their interface guidelines. They ended up declaring our UI really good, and only giving us a couple tweaks to fit better into the "lickable" era.
 
My read of this is it's a 0day only because he disclosed it before Apple fixed it. His assumption was that Apple would fix it in the very next version, but this is not guaranteed. Apple doesn't drop everything to get a security fix in, though maybe they should be more willing to. My own security fix (before the bounties, sadly) came out in the 10.5.2* release — the 10.5.1 was for the very worst of emergencies introduced by the 10.5 release.
And, it’s not much of a zero day to the phone’s OS if Apple can make changes to the App Store to look for these types of exploits and flag them for further analysis. Apple likely updated the App Store review process then put this zero day on the back burner to fix exploits reported by folks whose names we DON’T know… exploits far more serious than these.

It’s probably still concerning to those jailbreaking their devices? Maybe? Because they’re getting their apps from ‘elsewhere’?
 
Well, when you consider that the ONLY way a security researcher would be content with a device’s security is that it’s kept in the box, ...

...

Security Researchers are the folks that say you need to remove all the windows from a house because, while it’s a nice thing to have, it’s just an exploit waiting to happen!

While I do get your point, the truth is usually somewhere in the middle, and I think that's the case here, as well. I'm not suggesting Apple should fix every single thing that anybody has a concern with, but it would be good if they were more open about what they're not fixing and why. "Security through obscurity" doesn't work, and there's no good reason to not be open and communicative about this stuff.
 
As someone who works at a large software company (and has some knowledge about folks who report stuff to us and what they say vs. what they do), let me just say that there are usually two sides to a story. Things are sometimes not what they seem. I'll leave it at that.

That being said, shame, shame, if all this checks out.
Sure, but Apple being silent and opaque is not really good in the context of security.

And people want this company as their moral police...
 
The guy is really hyping the seriousness of these bug reports. For example one of them just lets an installed app find out the name of the current Wi-Fi network. Like who cares about that?
But remember, attackers can install multiple malware on the target device and work out a combination of information from multiple sources. Also, knowing the Wi-Fi network means they can also start attacking the Wi-Fi network and monitor all traffic.
Is Chip's Challenge still available anywhere? I haven't played that game in years.
Out of curiosity, I searched for it on Steam and they have all of Chip's Challenge available, 1 and 2.
 
The Apple cult always puts on horse blinders and pretends Apple always has perfect solutions to this. If Israel has Pegasus then you better believe other governments have their versions as well. You can’t disprove that Apple works with governments. They had no problem handing the encryption keys for the Chinese servers over to the CCP.
Much of what’s posted can’t be proven either. It’s neither confirm nor deny.
 
Apple’s stance has always been “without us, you are nothing” to devs

Wonder if the day will come that Apple realizes without devs, they are nothing. Who wants an iPhone without any apps?
Plenty, actually. Remember that iPhone OS 1.x launched without 3rd party apps and there were plenty who were eager to buy despite very limited availability (only limited to one carrier per country, etc).
 
Not meant snarky, but when did the term 0-day change from something discovered while being actively exploited to all third party discovered vulnerabilities?

I swear it used to be if it is responsibly disclosed, unpublished, and not known to be exploited, it wasn’t a zero day.
 
Do not blame this on Apple's incompetence. They likely intentionally ignored these zero-day reports. Why? Someone PAID Apple to place this back door in the OS.

Apple can only say one of two things about this
1) "sorry, we are stupid and the security person assigned to track is drunk most of the time" or
2) Yes we are on top of this and decided not to address it.

It is either #1 or #2. I'd bet a lot on #2. Someone with deep pockets really wants Apple to ignore the problem. Apple goes for the money.

If the problem was incompetence Apple could fix the problem by firing a few people.

Doing this is smart for Apple, they can claim to worry a lot about security and privacy while at the same time blaming the fact that they don't on mistakes and bugs. These "bugs" are intentional and likely a source of income.
 
My read of this is it's a 0day only because he disclosed it before Apple fixed it. His assumption was that Apple would fix it in the very next version, but this is not guaranteed. Apple doesn't drop everything to get a security fix in, though maybe they should be more willing to. My own security fix (before the bounties, sadly) came out in the 10.5.2* release — the 10.5.1 was for the very worst of emergencies introduced by the 10.5 release.

Apple doesn't credit anyone until the fix is released. His credit and prize were probably waiting on the release of 15.1. The fix was just never going to be included in 15.0, because it was a massive project and needed to be shipped.

*-I don't actually remember anymore if it was 10.5. I had a couple security issues fixed, but the only one I remember any details about was with Time Machine. The other one was much more insidious.
My takeaway from your reply is that you have not read the article completely.
1. He reported four bugs
2. One was fixed silently without giving him any credit
3. For the other three, he waited up to half a year in one case.
4. He first reported the bugs on April 29th (this is not in the article)
5. Published the article after not receiving any response from Apple on Sep 24th.
Can't blame the guy anymore.
 
Plenty, actually. Remember that iPhone OS 1.x launched without 3rd party apps and there were plenty who were eager to buy despite very limited availability (only limited to one carrier per country, etc).
In fairness, it’s not the same market anymore. Mobile web browsing, email, high quality cameras, smooth touch interfaces - all common now but pretty novel at the time.
 
WOW.
What's safer, Android or iOS?
APPLE losing its edge.
Like buggy and bloated 12.5GB Big Sur compared to 4GB Windows 11.
They aren't losing their edge. They just don't care unless the problems become widely known on TV or other media.

Perhaps, they don't know how to fix them. I saw a lot of those issues when Avie Tevanian left the company. Having talented people doesn't mean that you can fix complex problems.

Remember the SMB problem that was fixed for two years but they didn't implement the changes until it became well known?
 
The wheels that are coming off aren't the hardware items you mentioned. It's the attitude. I've been an Apple customer since about 1987. I've purchased tens of thousands of dollars of equipment. The wheels started coming off when Apple switched to their insane policy of new OS's every year. That's more important to Apple than making sure their hardware and software is as bug free as possible. Apple used to have a customer oriented mentality. That's gone. And in fact the wheels aren't even on any more. The number of significant bugs in iOS 15 is proof enough. I used to think that Apple could do no wrong. I now wonder if they can do much that is right!
Apple doesn't release a "new" OS every year. Usually it's the same OS with a few additions, a few visual tweaks and a different name. That's hardly "insane".
 
What edge is apple losing?

Market distinction from their nearest competitors.

Also, and you won't find a financial spreadsheet or graph for this:

Many put Apple on a pedestal, a position Cook wasn't shy to relish in, could even say exploit.
Many expected them to be better, and then Apple broke a lot of hearts.
 
Market distinction from their nearest competitors.
I don't believe so, and it's clearly nothing that can be proved, except via satisfaction surveys. MR posters are not the litmus test of what Apple consumers think about the company.
Also, and you won't find a financial spreadsheet or graph for this:

Many put Apple on a pedestal, a position Cook wasn't shy to relish in, could even say exploit.
Many expected them to be better, and then Apple broke a lot of hearts.
Apple has a billion customers (approximately), with a billion opinions. The above just seems like so much of a generalized statement. Many in this context could be 100 out of 1 billion. We don't know and only know anecdotally what is being said about Apple, except as I mentioned, in the satisfaction surveys.
 