Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.
Yeah absolutely. This line from the article summs it up pretty well…
““What we do know—and what this vulnerability demonstrates—is that advanced hardware-based protections are useless in the face of a sophisticated attacker as long as there are hardware features that can bypass those protections.””
Edit: We also have no idea how many zero days there are in Android, either. 🤷♂️ But at least it’s a bit more open source than iOS 😂
Yeah. The moral is “every and all devices have an unknown number of zero-days inactive or actively being exploited at any given time”, not “iPhone is just as insecure as everything else”. There’s a difference, and credit is deserved where it’s due.
Yeah absolutely. This line from the article summs it up pretty well… ““What we do know—and what this vulnerability demonstrates—is that advanced hardware-based protections are useless in the face of a sophisticated attacker as long as there are hardware features that can bypass those protections.””
Edit: We also have no idea how many zero days there are in Android, either. 🤷♂️ But at least it’s a bit more open source than iOS 😂
Yeah. The moral is “every and all devices have an unknown number of zero-days inactive or actively being exploited at any given time”, not “iPhone is just as insecure as everything else”. There’s a difference, and credit is deserved where it’s due.