Comments

ratwithahat July 11, 2024 9:41 PM

Question: does Apple actually detect mercenary spyware attacks, or is it just notifying anyone who could plausibly be involved in an attack (i.e. any journalist, politician, etc.)?
Not so clear on the details of detection, but isn’t it also a concern that Apple might be able to root through customers’ phones?

Of course, while doing this, Apple doesn’t do anything about the spyware on its own app store, enabling stalking and abuse…

cybershow July 12, 2024 11:55 AM

Story seems a can-o-worms because it departs from “security” into the
realms of private protection rackets. Security and protection are
proximate but different. Apple are putting themselves in a difficult
position. What happens when, as judge and jury, they know but neglect
to tell someone their system is under attack, and harm occurs?

Running an opaque system in the first place already violates ‘trust
but verify’ and moves to a “mediated security model” based on fealty
and digital privilege. Selectively giving a heads-up to some victims
might seem noble… but does that mean every Apple user can now expect
to get a curated, personal security valet service? Seems Apple are
saying they can’t or won’t fix the exploit that allows this
intrusion… but don’t worry, “we’re watching every iPhone on the
planet”.
Why not just fix the exploit?

cybershow July 13, 2024 11:34 AM

@ratwithahat

does Apple actually detect mercenary spyware attacks

I’m guessing yes, because they’re holding back on disclosures that
would tip-off NSO as to their method.

doesn’t do anything about the spyware on its own app store

Maybe you aren’t talking about Pegasus, but that isn’t a userland
thing via the store anyhoo, its first incarnation via iMessage used
exploitable GIF image processing compression to make a 70k instruction
VM for running an offset calculator. The GIF contains the VM and
payload, so an old ‘Turing complete’ JBIG2 image processor happily
runs malware coded as logical AND, XOR, OR etc. See: Project Zero.
That’s ‘sophisticated’ for sure. Maybe you can disable iMessage, but
it’s closer to a ‘baked in’ problem.

The real FUBAR with phones though is in the hardware design, where
baseband (separate RF processor) can write to shared memory. These
processors have similar compression DSP and operate at a very high
frequency. I’m not even sure any OS can defend against that and there
are billions of handsets out there with flawed and highly opaque
silicon just ready to be sent hostile signals. For now this stuff is
targeted, but the potential for location specific mass attacks is
obvious. The whole of phone security needs an enema.


Sidebar photo of Bruce Schneier by Joe MacInnis.