31 comments

[ 0.27 ms ] story [ 62.9 ms ] thread
How could something as sensitive get out of an administration as competent as the current one? At least they have no access to lets say AI or autonomous weapons and the tools of mass surveillance ...
"Possible" stripped from the headline on HN. That word seems particularly important given that it's speculative:

"Clues suggest it was originally built for the US government."

the government doesn't have superpowerful code crackers though

it has a guy working at apple who introduces the subtle vulnerability he is instructed to do

No matter the risk, I must carry my smartphone everywhere and install every app. It would be unimaginable to have the urge to look something up, but then wait to do it later until I'm using a real computer. No negative outcome will EVER shake my deep, permanent need to carry a smartphone all the time and use it for as much as possible.
(comment deleted)
You forgot the urge we all share to store all our login information on our phone, to exclusively use it for banking, to take and store all our sensitive photos and videos, to exclusively use it for any kind of communication, to keep the microphone and camera intact and to leave our phone on 24/7 next to us.

Seriously, what's the worst that could happen with an internet connected closed down device that holds all our information and has a microphone and camera? People must be just paranoid.

With this administration? Color me unsurprised.
> In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.

People have been hacking iOS since before it was called iOS and they weren't necessarily "well-resourced, likely state-sponsored". See geohot

Point taken, but in fairness, it has gotten way more expensive. This isn't the platform Geohot jailbroke anymore.
It seems as though you can basically do anything in this administration if the money is right, so selling state secrets free of punishment sounds about right to me.
The rule of law does appear to be dead, instead it's a protection racket system in the US these days.
You can get it for free if you have the right blackmail material.
> this administration

and the one before it, and the one before that, and the one before that, and so on. that's politics and there is nothing new under the sun

There are things that have never happened before in the 250 year history of the United States.

No sitting president has ever enriched themselves by billions of dollars.

We’re in a completely different universe from the days when Jimmy Carter put his peanut farm in a blind trust so there would be no appearance of a conflict of interest.

Or when Lincoln was given some gifts from the King of Siam. Because of the Emoluments Clause in the Constitution, he went to Congress to check if he could keep them. Congress said no; Lincoln donated them.

It was understood a president could be prosecuted if he broke the law—that’s why Nixon needed to be pardoned by Ford; otherwise, he would have faced at least some consequences.

SCOTUS did a 180 degree turn by ruling a precedent is immune from prosecution for crimes committed in office.

SCOTUS just made that up out of thin air.

All of this and much more is unprecedented.

Last one: no president has ever gone to war without making a case for it to the country.

So no, what’s happening now is not the same old thing.

> “These zero-day and exploit brokers tend to be unscrupulous," says Cole. “They sell to the highest bidder and they double dip. Many don’t have exclusivity arrangements. That’s very likely what happened here.”

I interpreted this a different way - that a shady supplier to the US Government double dipped to the other side.

Meanwhile last time I checked, Android bug bounty is higher.

iPhone makes you an easy target. Sorry Besos, security through obscurity was a bad idea... but you should have known better.

Binders with classified information were hosted in a bathroom at a country club, so…you know…
Whenever I point out that Apple's "security by obscurity" strategy is a complete failure I get downvotes.

Person suspecting their iPhone has been hacked has no way to check it. Apple only offer cope mechanism in form of "lockdown mode", which likely can be bypassed just as well.

This situation shows that Apple devices are not secure and liability.

They'll likely protect your grandma from getting low effort malware, but if you are a CEO - buy something else.

[flagged]
Trump ruined America's reputation forever imho.

He keeps changing his mind every day and keeps talking bullshit. At this point the trashy drug dealer trying to sell to school kids is more reputable than the USA

    Many components of Coruna have never been seen before, he points out, and the whole toolkit appears to have been created by a “single author,” as he puts it.
I wonder who wrote it. Must be someone really good at it. Someone who might never give a talk in a conference.
does tahoe 26.3 protect against this?
> does tahoe 26.3 protect against this?

Apparently if you have Lockdown mode enabled, then yes.

> Google also notes that Coruna checks if an iOS devices has Apple's most stringent security setting, known as Lockdown Mode, enabled, and doesn’t attempt to hack it if so.
So, under which government was this hacking toolkit developed?
> Google also notes that Coruna checks if an iOS devices has Apple's most stringent security setting, known as Lockdown Mode, enabled, and doesn’t attempt to hack it if so.

:)

> US Government iPhone-Hacking Toolkit in foreign spy and criminal hands

Why repeat yourself ? (US Government, criminal hands)