3 comments

[ 3.4 ms ] story [ 87.3 ms ] thread
I would love to ear about this kind of attacks on "safe" ROM like graphene. iOS is made by 100s if not 1000s of talented, dedicated and experienced engineers. I'm curious how a smaller team, even if they might be mainly focused on security, could compete with Apple into making a safer system.
> Apple patches 3 zero-days after they were used in a sophisticated attack.

Am I the only one that remarks that Apple patches bugs only after they become public ?

No! In fact I find it jarring that they use somewhat soothing language speaking of the fixes and simultaneously disclose bugs at a time when they are already exploited and it is clear that the majority of the users don't have the update installed yet.

I don't know why, but even with automatic updates enabled, for each and every macos or iOS update, I have to manually visit the settings to get a timely notification.

Does smell like a situation where it's just that the zero-days have recently been leaked and are started to get abused by non-state actors.

And Apple seems to think that a continuing to use a device that is vulnerable to exploits that are prominently covered in IT news is totally acceptable for a couple of days