Man the things these people can do are simply amazing. Their understanding of the internal system processes from nothing more than an external view is literally incredible.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Security Researchers Use Wi-Fi and Safari Exploits to Breach iPhone 7 at Annual Mobile Pwn2Own Contest
- Thread starter MacRumors
- Start date
- Sort by reaction score
No it wasn't. Literally the first sentence I quoted says otherwise. Here, let me quote it again:
[doublepost=1509570533][/doublepost]
I quoted two things, the first of which clearly references Google, and the second of which most likely refers to a Google issue.
Look, it's okay. You don't have to backtrack. You made a mistake.
Samsung got hacked, Apple got hacked. You're replying to a report about Google being unhackable with a post about Samsung. If it makes you feel better, all mobile OSs can be hacked.
Your mental gymnastics are adorable.
I'm agreeing with you, but your reasoning is just bad.
The Pixel had a better go at it. That's all. And you're not alone for not knowing the difference between Google and Samsung. It's a big problem for Google.
Are you sure it's the same thing? This doesn't mention WPA2 exploit
OK, I'll ask one final time:
- if Google isn't affected, why did Google, according to the article, rush to release a patch?
- are you asserting that Samsung's browser: a) has holes of its own that were never in Google's code in the first place, b) has holes that have since long been fixed upstream, or c) may in fact quite likely have holes that are also found on Google's end?
[doublepost=1509570871][/doublepost]
Yeah, no, these exploits clearly have not been fixed in 11.1, as the article states that the tests were run in 11.1:
You presumably have a job which might rely on digital communication. You also might use your phone to communicate with other people in your life. While security is not important to you, some of the people you talk to might appreciate a basic passcode so not literally everyone can look through your phone. This is the equivalent of leaving your front door open because "meh I don't have valuables anyway". If you can't be bothered to enter a 4 or 6 digit code or literally place your finger for a split microsecond, that's concerning.
You don't have any e-mail on your phone? No contacts? No calendar appointments?
No social networking accounts?
Even if you don't feel that's private information, your contacts might be quite angry by the nonchalant way you're exposing their address information.
I don't know why this is so difficult for you to understand. There's nothing wrong with your device and all these devices can be hacked.
sad that they give those exploits to the companys. We need jailbreaks.
Your post takes a disingenuous turn towards FUD. You can't seriously posit a messed up - I don't know what to call it, but it definitely ain't chili cuz chili don't have beans in it. Your "guess" is full of beans. You didn't even try to make a logical leap. You just jumped from it's based on Chromium (it is) therefore the bugs in Sammy's browser stem from issues with Google.
There couldn't have been issues with Sammy's fork? Their optimizations? It had to be an issue with Google? You're basing this on...I think you mean to say you saw nothing in that post to suggest that Google's code WAS affected. Exploits pay. As far as has been reported, there were no exploits on Google. Trying to conflate Samsung's exploit with an exploit against Google is just plain dishonest and really not worth much discussion.
[doublepost=1509571595][/doublepost]
So in essence you're asking @AustinIllini to prove your supposition? That's pretty rich. How about you provide evidence that even comes close to corroboration. You threw out the claim.
Last edited:
Your post takes a disingenuous turn towards FUD. You can't seriously posit a messed up - I don't know what to call it, but it definitely ain't chili cuz don't have beans in it. Your "guess" is full of beans. You didn't even try to make a logical leap. You just jumped from it's based on Chromium (it is) therefore the bugs in Sammy's browser stem from issues with Google.
I didn't make that leap at all; I asked.
There had, indeed, to be an issue on Google's end, because, for the umpteenth time, Google issued a patch.
The only reason I conflated Samsung and Google is that Google was not separately tested. Instead, various Android-based devices were, among them one from Samsung. Given that, as you acknowledge, Samsung's browser is based on code by Google, and that Google issued a patch, I posited the possibility (if not strong likelihood) that this Samsung flaw is in fact, in part, on Google's end.
I mean, either that, or was being "plain dishonest". ¯\_(ツ)_/¯
Tests like these prove a basic fundamental truth about software, which is that there will always be bugs/exploits.
And this is why Android is an utter joke compared to iOS. Google can patch bugs all they want and post the updated code to AOSP, but if the OEM never downloads the code and issues an update then it’s meaningless.
If a tree falls in the forest.....
And this is why Android is an utter joke compared to iOS. Google can patch bugs all they want and post the updated code to AOSP, but if the OEM never downloads the code and issues an update then it’s meaningless.
If a tree falls in the forest.....
Must have wanted the fame rather than money. Selling exploits would have earned them far far more.
I am guessing you don’t care about your digital footprint? The various network credentials you have stored on the phone? Your banking info stored in iCloud.
There is a lot more info you need to guard that can be damaging to you than access to digital payments.
Big difference between these types of hacks and entering a locked iPhone.
I have two phones. One for work which needs to be locked and one for personal which if I could, I would own a Moto Razr and disconnect from a lot of the mobile distractions. I do have social networking accounts though I deleted them from my phone to be more responsible with my time. I only check them on the weekends or during breaks at work. My point was more to me not needing the 4 or 5 digits pass codes and fingerprint feature. I've gone years without it but lately it seems that everyone now has "vital" information on their phone that the neighbor is going to steel. I get Wi-Fi hacks and what not but I am referring the daily tasks on my phone. Every single time I get a notification I have to unlock the phone. You can't set the lock time outside of immediately in settings anymore.
[doublepost=1509573431][/doublepost]
Uh, no it's not the equivalent. A person looking through my phone for digital assets such as a picture or a contact versus letting a person in my house for physical assets across a much broader spectrum are entirely different. Wi-Fi standards, digital currency, etc. I get it. But aside from your credit card info please tell me what your common everyday thief is going to steel from your phone that is of value? Your text messages, your music, take a selfie and post it to Facebook?
And as mentioned in another reply, "I have two phones. One for work which needs to be locked and one for personal which if I could, I would own a Moto Razr and disconnect form a lot of the mobile distractions. I do have social networking accounts though I deleted them from my phone to be more responsible with my time. I only check them on the weekends or during breaks at work. My point was more to me not needing the 4 or 5 digits pass codes and fingerprint feature. We've all gone years without it but lately it seems that everyone now has this vital information on their phone that the neighbor is going to steel. I get Wi-Fi hacks and what not but I am referring the daily tasks on my phone."
