38 comments

[ 5.8 ms ] story [ 69.2 ms ] thread
No updates for ipados17. I guess my ipad pro 10.5 is finally a brick.
Feudalism says: buy new hardware, peasant.

I don't know what "equally annoying" would be for a company and its customers, i.e. a fair compromise. But we need a law requiring companies open source their hardware within X days of end of life support.

And somehow make sure these are meaningful updates. Not feature parity with new hardware, but security parity when it can be provided by a software only update.

Otherwise a company in effect takes back the property, without compensation.

I am shocked to hear that over these years it was possibl to extract data from a locked iphone. (hardening mode off)

I trusted apple.

What does "zero-day" even meant?

> ... decade-old ...

> ... was exploited in the wild ...

> ... may have been part of an exploit chain....

I guess the fix is only for Tahoe?

Edit: I meant iOS 18

Open source wins... again.
Unfortunately it doesn’t actually
as in I now have to upgrade all my children's ancient iphones...?

I'd much rather not do that

My suspicion is that. These "exploits" are planted by spy agencies.

They don't appear there organically.

I wonder what the internal conversations are like around memory safety at Apple right now. Do people feel comfortable enough with Swift's performance to replace key things like dyld and the OS? Are there specific asks in place for that to happen? Is Rust on the table? Or does C and C++ continue to dominate in these spaces?
I wonder if Fil-C would have prevented this.
Doubtful, Apple is one of the largest advocates of safe C already.
So the exploiters have deprecated that version of spyware and moved on I see. This has been the case every other time. The state actors realize that there's too many fingers in the pie (every other nation has caught on), the exploit is leaked and patched. Meanwhile, all actors have moved on to something even better.

Remember when Apple touted the security platform all-up and a short-time later we learned that an adversary could SMS you and pwn your phone without so much as a link to be clicked.

KSIMET: 2020, FORCEDENTRY: 2021, PWNYOURHOME, FINDMYPWN: 2022, BLASTPASS: 2023

Each time NSO had the next chain ready prior to patch.

I recall working at a lab a decade ago where we were touting full end-to-end exploit chain on the same day that the target product was announcing full end-to-end encryption -- that we could bypass with a click.

It's worth doing (Apple patching) but a reminder that you are never safe from a determined adversary.

Theoretical question. How much more secure will be a Linux device which uses phone as a dumb Internet provider.
There is one non-technical countermeasure that Apple seems unwilling to try: Apple could totally de-legitimize the secondary access market if they established a legal process for access their phones. If only shady governments require exploits, selling access to exploits could be criminalized.
Did MIE/MTE on 2025 iPhones help to detect this longstanding zero day?
Meanwhile Apple made a choice to leave iOS 18 vulnerable on the devices that receive updates to iOS 26. If you want security, be ready to sacrifice UI usability.
It's a rug-pull going against the tradition of supporting the most recent 2 OS versions until the autumn refresh simply to technofascistly force users onto 26 with an artificially-created Hobson's false choice between security and usability. This is bullshit.
I'll never understand how people actually believe that their refusal to adapt, and refusal opening them up to harm, is ever not their own fault

You're choosing to not have the update. And that's fine- own it.

[flagged]
I’m pretty sure the dyld code involved was written in the last 5 years if not more recently than that
[flagged]
AFAIK dyld3 and dyld4 are kind of the same codebase, it’s dyld2 that got nuked. It’s definitely new code though
What's never mentioned in posts like this is whether phones in lockdown mode were vulnerable too.
Oh great, so is this how Apple forces me to downgrade from iOS 18 to iOS 26?
It's pretty unbeliveable that a zero-day can sit here this long. If one can exist, the likeliehood of more existing at all times is non-trivial.

Whether it's a walled garden of iOS, or relative openneds of Android, I don't think either can police everythign on anyone's behalf.

I'm not sure how organizations can secure any device ios or android if they can't track and control the network layer, period out of it, and there are zero carveouts for the OS itself around network traffic visibility.

Outrageous that this isn't being patched in iOS 18. Genuinely shocked, and indefensible.
i wonder if this could be used to make a jailbreak possible :3
Whenever plugging a hole like this, the OS should kinda leave it “open” as a kind of honeypot and immediately show a warning to the user that some exploit was attempted. Granted, the malware will quickly adapt but you should at least give some users (like journalists or politicians) the insanely important information about them being targeted by some malicious group.