It seems as though you can basically do anything in this administration if the money is right, so selling state secrets free of punishment sounds about right to me.
King-Aaron 22 hours ago [-]
The rule of law does appear to be dead, instead it's a protection racket system in the US these days.
grehbies 21 hours ago [-]
To me, it's just another example of what the poor and marginalized in this country have known for generations, finally catching up to the comfortable class. It's easier to count the institutions that AREN'T pay-to-play, especially those associated with the law and courts.
Know what's fun? Facing down a trained attorney as a pro se litigant in small claims court. Want to beat the 70-90% loss rate for pro se litigants in a forum that was originally designed specifically for pro se litigants? Hire a lawyer, lol.
Small claims, true to the name, is the lowest of low stakes. It's downhill from there.
AngryData 21 hours ago [-]
It has been for decades now, they are just open and blatant now because the corruption is so deep rooted that there is little average people can do except choose to burn down the house around themselves.
pstuart 20 hours ago [-]
This administration has taken it to a whole new level -- basically an organized crime syndicate.
The system has always been corrupt in that the rich write the rules but this is pure kleptocracy. Remember that Nixon was told by his own party that his conduct was unacceptable and they would not support him...
AngryData 20 hours ago [-]
Nixon also got pardoned and faced no real repercussions for his actions other than leaving. Again, I very much believe we have been this corrupt for many decades, it is only the visibility of the corruption that has changed. What few actions against corruption we have seen was just good PR work, as evident by its lack of teeth in sentencing and complete lack of any enforcement or investigation against anyone with money or political power.
King-Aaron 19 hours ago [-]
I think that it's wholly incorrect to argue it has not gotten worse. The government has always been corrupt, true. They have gotten far more open and brazen about it, true. But they are also far more grotesquely corrupt in outright disgusting ways, which is different. No other president has just gifted themselves billions of dollars of taxpayer money. No other president has bulldozed the White House for open ended self gratification projects on the scale Trump has. No other president has openly run family-centric money laundering schemes of this magnitude, or openly accepted foreign bribes, etc etc etc.
It was always corrupt but my word, you can't say that it's the same corruption just more exposed.
stronglikedan 7 hours ago [-]
> this administration
and the one before it, and the one before that, and the one before that, and so on. that's politics and there is nothing new under the sun
kgwxd 20 hours ago [-]
You can get it for free if you have the right blackmail material.
butILoveLife 23 hours ago [-]
Hierarchies can punish this. Note that the legislature and judicial branches exert their power. Epstein files got released if you need proof.
(However, if we are International Systems Realists, there are inevitable effects that happen. I have a feeling even Biden/Harris would be in Iran right now.)
dlev_pika 23 hours ago [-]
Some got released, and in the way the Executive wanted them to be.
This proves the opposite IMO - while the Legislative is co-opted, the Judicial branch has shown it is quite inadequate exerting control or punishment of the Executive.
Obscurity4340 21 hours ago [-]
> Google also notes that Coruna checks if an iOS devices has Apple's most stringent security setting, known as Lockdown Mode, enabled, and doesn’t attempt to hack it if so.
markus_zhang 22 hours ago [-]
Many components of Coruna have never been seen before, he points out, and the whole toolkit appears to have been created by a “single author,” as he puts it.
I wonder who wrote it. Must be someone really good at it. Someone who might never give a talk in a conference.
zem 23 hours ago [-]
it's also in maga and doge hands, which is arguably more dangerous for the country right now
Kiboneu 15 hours ago [-]
> Google also notes that Coruna checks if an iOS devices has Apple's most stringent security setting, known as Lockdown Mode, enabled, and doesn’t attempt to hack it if so.
:)
nameconflicts 16 hours ago [-]
So, under which government was this hacking toolkit developed?
hulitu 4 hours ago [-]
> US Government iPhone-Hacking Toolkit in foreign spy and criminal hands
Binders with classified information were hosted in a bathroom at a country club, so…you know…
simulator5g 21 hours ago [-]
“The Coruna Virus”. Nice.
stock_toaster 1 days ago [-]
With this administration? Color me unsurprised.
testaburger 21 hours ago [-]
does tahoe 26.3 protect against this?
LastMuel 18 hours ago [-]
> Google notes that Apple patched vulnerabilities used by Coruna in the latest versions of its mobile operating system, iOS 26, so its exploitation techniques are only confirmed to work against iOS 13 through 17.2.1.
shell0x 22 hours ago [-]
Trump ruined America's reputation forever imho.
He keeps changing his mind every day and keeps talking bullshit. At this point the trashy drug dealer trying to sell to school kids is more reputable than the USA
mindslight 17 hours ago [-]
No, Trump did not ruin America's reputation. No matter how many billions he steals, how many kids he rapes, how many Americans his terror squads execute, one man cannot ruin America's reputation. What has ruined America's reputation is all of the people continuing to support and enable this sick man - from the politicians and surveillance industry titans who are in on the con, to the grassroots supporters who won't set aside their (understandable!) grievances and would rather see our country destroyed. That is who has ruined America's reputation.
aa-jv 12 hours ago [-]
America's reputation was ruined by decades of war crimes, crimes against humanity, and violations of human rights at massive scales - and the American peoples' utter inability to rein in their own very, very real war criminals. Trump is just one in a long, long line of American war criminals who should long ago have faced justice in The Hague.
Americans can't understand this because Americans hate being embarrassed by their states' misdeeds, but it's very real. The rest of the world sees the crimes, even if Americans are too cowardly to also do so ..
mindslight 6 hours ago [-]
But was it really, though?
Don't get me wrong - I've long shared your condemnations, even as an American! Although for us who acknowledge them, I wouldn't say it's "too cowardly" - rather we're quite disenfranchised and the cognitive dissonance tendency is for Americans to see the government as something apart from themselves. So it's more like that I can't practically do much about these criminals acting in my name.
But I mean, the global community basically gave a Nobel Peace Prize to Obama for not being Bush. I'd say the relationships got patched up pretty quickly there. Global domestic surveillance? So nice for the US to take the heat for FVEY et al.
If anything starting a war in Iran is back to business as usual, with (the leadership of) most countries seemingly giving a tacit green light.
varispeed 23 hours ago [-]
Whenever I point out that Apple's "security by obscurity" strategy is a complete failure I get downvotes.
A person suspecting their iPhone has been hacked has no way to check it. Apple only offers a cope mechanism in the form of "lockdown mode", which likely can be bypassed just as well.
This situation shows that Apple devices are not secure and are a liability.
They'll likely protect your grandma from getting low effort malware, but if you are a CEO - buy something else.
tptacek 22 hours ago [-]
What do you mean by "security by obscurity"? What's your comparand that doesn't have the same software defects iPhone-targeting CNE is exploiting?
varispeed 9 hours ago [-]
One for instance is that Apple doesn't offer an API for deep system scanning. So if your phone is infected, you have no way of knowing this, because there is no software that can scan it. You cannot trust it.
Or things like Memory Tagging Extension (MTE) Apple has implemented, but they have not released specification and implementation details, so you don't know if it has backdoors.
EPWN3D 5 hours ago [-]
I don't think you know what security by obscurity is.
alwillis 16 hours ago [-]
> A person suspecting their iPhone has been hacked has no way to check it. Apple only offers a cope mechanism in the form of "lockdown mode", which likely can be bypassed just as well.
In the past, Apple alerted users (journalists, political activists, dissidents) when a "state-level actor" attempted to hack their iPhones [1].
Apparently, the FBI couldn't get past Lockdown Mode: FBI stymied by Apple’s Lockdown Mode after seizing journalist’s iPhone [2]
And don't forget about Memory Integrity Enforcement (MIE) that debuted on iPhone 17 and iPhone Air [3]:
MIE is described as the industry's first always-on, comprehensive memory safety protection, built on the Enhanced Memory Tagging Extension (EMTE) in synchronous mode, combined with secure typed allocators and tag confidentiality protections.
Yes, Apple controls who gets alerted about security breach. This means not everyone with compromised phone will get alerted. You are still in the dark.
Maybe they could maybe they couldn't, doesn't mean criminals couldn't.
MIE is opaque - Apple has not disclosed its design - it also means it can contain intentional backdoors and other security holes.
In other words this is just meaningless PR and doesn't change the fact that Apple's security is poor.
mikestew 22 hours ago [-]
> Whenever I point out that Apple's "security by obscurity" strategy is a complete failure I get downvotes.
Maybe because you apparently don’t know what “security by obscurity” means? Regardless, what’s your recommendation for “buy something else”?
happyopossum 1 days ago [-]
"Possible" stripped from the headline on HN. That word seems particularly important given that it's speculative:
"Clues suggest it was originally built for the US government."
tptacek 1 days ago [-]
The Google threat analysis report doesn't say anything about USG involvement; that it was found on compromised Ukrainian sites, has code written in "native English", but also signs of LLM authorship. The Google report says the kit they found can't compromise current iOS, which is a capability you'd assume USG would have --- though it's important to remember that "USG" comprises dozens of different buyers each with different toolchains.
Maybe this was the Fisheries Department exploit toolkit.
iVerify, which spun out of Trail of Bits and presumably knows what they're talking about, says it bears "hallmarks" of being connected to USG CNE work. I believe it. But the USG is on net a buyer, not a producer, of CNE tooling. Whatever a given service agency or IC arm buys, dozens of other aligned countries are also buying.
(And, of course, the non-aligned countries have their own commercial supply chains).
bri3d 1 days ago [-]
I don't think the ancient nature of the exploit chain has much bearing on the origin. I think it points away from the actual 2025 campaigns being USG-attached, but I don't think anyone was suggesting that to start with - the Google report makes it pretty clear that they believe the same code was resold to several parties, either in parallel or sequentially, around this time frame.
I think the notion here is that either:
* There's a shared upstream origin or author between this toolkit and the Operation Triangulation toolkit ahead of the use in Operation Triangulation (ie - someone sold this chain to both the Operation Triangulation authors and a third party). I actually think that the uses of specifically structured code-names internally and the overall structure of the codebase described in the Google writeup make this theory less likely; building an exploit toolkit while using these practices to cosplay as a US-government affiliated engineer would be clever and fun, but it's not something we've really seen before.
* This toolkit originated from (whether it was leaked, compromised, or resold) the same actor who was responsible for Operation Triangulation.
tptacek 24 hours ago [-]
Right, I agree with you; my thing is mostly just differentiating between CNE enablement packages the USG itself creates vs CNE enablement packages that are on offer to every USG-aligned country, of which there are a bunch.
tennex 21 hours ago [-]
> Maybe this was the Fisheries Department exploit toolkit.
buried lede, but hilarious
dang 1 days ago [-]
The title limit is 80 chars, if anyone wants to figure out a decent way to squeeze possibility back in there.
irishcoffee 1 days ago [-]
A US Govt iPhone-hacking suite is now possibly in criminal hands
15 chars to spare!
dang 1 days ago [-]
I think the "possibly" is supposed to mean "possibly produced by the US government"
irishcoffee 1 days ago [-]
Good point.
14 hours ago [-]
alwa 1 days ago [-]
“Possible US-Gov-made iPhone-hacking toolkit is now in foreign and criminal hands“ ?
dang 1 days ago [-]
We try to avoid abbreviations if possible. You spurred me to take another crack at it and I think it worked this time? Happy to edit again if not...
Simulacra 1 days ago [-]
Good point, that was also struck by the comment that it's infected "tens of thousands" phones. That's a minuscule rounding error.
aaron695 1 days ago [-]
[dead]
mentalgear 1 days ago [-]
How could something as sensitive get out of an administration as competent as the current one? At least they have no access to let's say AI or autonomous weapons and the tools of mass surveillance ...
grosswait 1 days ago [-]
[flagged]
MarkFields 9 hours ago [-]
[dead]
theearling 1 days ago [-]
[flagged]
theearling 1 days ago [-]
lol at all the downvotes, proves my point
jjtheblunt 1 days ago [-]
you're just on a technical site, so readers want citations for conjectures, because the readers generally and genuinely want to learn more
edit: sibling comment agrees
theearling 1 days ago [-]
I guess the technical side is for the bots to find holes in my argument. Anyone with a brain in tech that knows of the US and its invasion into privacy knows that the US having an iOS "Hacking Toolkit" is nightmare fuel.
I already assumed it did, just glad Wired put it down on paper for the rest of us.
Writing an article that "it's escaped the hands of the US government and into the hands of foreign hands" doesn't change my opinion of the abuse of power.
Citation: Edward Snowden - Present Day (Flock, etc)
chucklenorris 1 days ago [-]
heh, saying hitler was a war criminal requires citations?
kvuj 1 days ago [-]
I think the downvotes come from the friction of the language used and the lack of sources to back the claim. If you linked some stories, it would add some weight to the statement.
seanw444 1 days ago [-]
How many people on this site are unaware of the amount of times the government's courts have found its executive, legislative, (and lower judicial) branches acting without authority?
How many people on this site are unaware of the extent to which we are monitored? And openly? We have an entire agency whose primary task is to mass surveil.
ranger_danger 1 days ago [-]
I think all the things are true at the same time... that most people already believe it, they don't need sources in this instance, but they still don't like the way the comment was worded.
pak9rabid 1 days ago [-]
Have we already forgotten about Edward Snowden & the NSA?
thewebguyd 1 days ago [-]
Unfortunately, I think that's likely the case for anyone on the younger side. Most of that came to light in 2013, 13 years ago. Anyone 20-30 years old today would've been a teenager then in high school, and likely not paying attention very closely.
It was big news for a little bit, and then the media by design quickly forgot about it barely a year later, and that is why history is doomed to repeat.
hulitu 16 hours ago [-]
No, but there are a lot of employees of 3 letter agencies in here and they don't like the noise.
doctorpangloss 1 days ago [-]
the government doesn't have superpowerful code crackers though
it has a guy working at apple who introduces the subtle vulnerability he is instructed to do
tptacek 1 days ago [-]
I expect the evidence for this claim is axiomatic, which is to say that you think it sounds good.
joshrw 1 days ago [-]
Hello, have you heard of the Snowden revelations? What OP was referring to are called bugdoors.
schoen 21 hours ago [-]
I'm very concerned about bugdoors and very grateful to Snowden, but I don't remember a specific example of a software bugdoor that was disclosed there or identified as such as a result of his revelations. Do you have an example? I don't think the Dual-EC DRBG counts here.
adrian_b 15 hours ago [-]
This happened later than Snowden, but is an example of an unsettling revelation.
A bug has existed for many years in Apple devices, until a few years ago, when it has been discovered accidentally by some victims, which has forced Apple to fix it, after several CVEs were assigned to it and associated software bugs.
The bug consisted that some secret test registers, which allowed a complete bypass of all memory protection, were left accessible after production. Thus knowledgeable attackers could take control remotely of an iPhone, for many years, in a completely undetectable way, by sending an invisible message, which then exploited some bugs in Apple system libraries to gain privileged access to the secret test registers, which were then used for complete access to any hardware, including stored files, video camera and microphone.
This backdoor was discovered only because some victims became suspicious due to unexpectedly high Internet traffic originating from their iPhone, which was recorded by an external firewall.
This was discussed on HN after its discovery.
It is hard to believe that such a mistake like forgetting to disable the test registers after production could have happened and it also would have never been discovered for many years, without some Apple insider intentionally doing it.
Moreover, the unknown attackers who have exploited the backdoor for many years had complete knowledge about the secret test registers, which is likely to have been provided by an Apple insider, perhaps the same who has ensured that they remain accessible.
Hopefully, the backdoor has been created only by some lower-rank employee, and it was not created with the knowledge of the management, due to some request from a TLA. It is unknown whether the backdoor has been open in all Apple devices, or only in those sold in certain markets.
When the backdoor was discovered, it was used to spy on some Russians, so some US agency or one from Israel were among the possible exploiters of it (this was before the current war).
bigyabai 19 hours ago [-]
You should expect more, unless you have evidence that conclusively discredits the claim.
lightedman 1 days ago [-]
No, anyone who remembers the Best Buy/FBI debacle knows that this statement is very well-grounded in reality. If you took your laptop to Best Buy for repairs, the FBI got a copy of your hard drive contents.
Nowhere in that entire case does anyone allege that the FBI was regularly being sent entire copies of the hard drive contents of best buy customers.
The FBI merely taught workers how to identify and report CSAM. There is nothing illegal about that.
EFF only sued because their FOIA request for info about their training process was denied, and after the FBI argued why they shouldn't grant the request, EFF agreed and backed down.
Not only did the EFF agree to dismiss the case, their blog post claim of a supposed Fourth Amendment violation was never even argued in any of their filings at all.
In my opinion, to construe a simple disagreement/misunderstanding over a FOIA request denial (which was proven as legal and justified) as "If you took your laptop to Best Buy for repairs, the FBI got a copy of your hard drive contents"... is patently and demonstrably false, and does not make any sense whatsoever.
diacritical 12 hours ago [-]
So you think in this case the EFF was wrong? It seems that way, but I'm not sure I fully understand what you meant. Why wouldn't the training process be public?
Another thing is that while perhaps entire copies of customers' hard drives weren't sent to the FBI, the Best Buy repair staff dug through the contents of people's hard drives. If I have a software issue with my OS (or whatever the repairs were about), I wouldn't expect the repair staff to look at my photos. Obviously, if CP was set as the wallpaper or something, you can't miss it, but why is it OK to look into random folders looking for suspicious files?
1xdevnet 17 hours ago [-]
Ok. I didn't make the claim and I'm not arguing this with you. You asked for sources and I assumed good faith. I was mistaken.
doctorpangloss 1 days ago [-]
haha yeah, thanks for the compliment
8cvor6j844qw_d6 1 days ago [-]
Yeah. TAO was intercepting Cisco routers in transit and installing implants.
The leap from supply chain interdiction to cooperative insiders isn't a big one.
hulitu 16 hours ago [-]
> Cisco routers
famously known for their backdoors.
thesuitonym 1 days ago [-]
Those two are not mutually exclusive.
butILoveLife 23 hours ago [-]
Meanwhile last time I checked, Android bug bounty is higher.
iPhone makes you an easy target. Sorry Besos, security through obscurity was a bad idea... but you should have known better.
cluckindan 23 hours ago [-]
Sorry who?
everdrive 1 days ago [-]
No matter the risk, I must carry my smartphone everywhere and install every app. It would be unimaginable to have the urge to look something up, but then wait to do it later until I'm using a real computer. No negative outcome will EVER shake my deep, permanent need to carry a smartphone all the time and use it for as much as possible.
diacritical 12 hours ago [-]
You forgot the urge we all share to store all our login information on our phone, to exclusively use it for banking, to take and store all our sensitive photos and videos, to exclusively use it for any kind of communication, to keep the microphone and camera intact and to leave our phone on 24/7 next to us.
Seriously, what's the worst that could happen with an internet connected closed down device that holds all our information and has a microphone and camera? People must be just paranoid.
theearling 1 days ago [-]
Webapps exist for a reason, they don't get all the special permissions apps get when fully installed.
at the very least use a VPN / more secure phone like a pixel with graphene
You keep doing you though
thesuitonym 1 days ago [-]
A VPN won't help you if your device is compromised. A VPN won't help you if the server is compromised. A VPN won't help you if the VPN is compromised.
I really wish people would understand that VPNs are not magical, unbreakable security. VPNs are barely security at all, and commercial VPNs even less so.
theearling 1 days ago [-]
oh 100% agree here, I was just confused at the OP comments evangelism of installing and keeping his phone on his for those quick fix google searches
thewebguyd 1 days ago [-]
Ironically, the exploits in this leaked kit all involved flaws in webkit, so you'd have been safer sticking to native apps assuming they didn't have any webviews in them to load the malicious site.
SpaceManNabs 1 days ago [-]
WebView is the worst experience I have on any smart phone or mobile app.
The fact that there is no option so that any webview by default opens in Safari across all apps in iOS is horrible.
i am not surprised it is riddled with security holes.
21 hours ago [-]
auslegung 24 hours ago [-]
> In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.
People have been hacking iOS since before it was called iOS and they weren't necessarily "well-resourced, likely state-sponsored". See geohot
__del__ 23 hours ago [-]
im[ns]ho, people want desperately to believe that only state funded actors can possess that kind of power.
tptacek 22 hours ago [-]
Point taken, but in fairness, it has gotten way more expensive. This isn't the platform Geohot jailbroke anymore.
Why repeat yourself ? (US Government, criminal hands)
[1]: https://www.sentinelone.com/blog/so-state-sponsored-attacker...
[2]: https://arstechnica.com/tech-policy/2026/02/fbi-stymied-by-a...
[3]: https://security.apple.com/blog/memory-integrity-enforcement
https://www.foxnews.com/tech/the-fbi-paid-geek-squad-employe...
https://www.eff.org/cases/fbi-geek-squad-informants-foia-sui...
https://www.washingtonpost.com/local/public-safety/if-a-best...