Article <102si8b$2jrpa$1@dont-email.me>

Deutsch English Français Italiano
<102si8b$2jrpa$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Chris <ithinkiam@gmail.com>
Newsgroups: misc.phone.mobile.iphone,comp.mobile.android
Subject: Re: Comprehensive current zero-day platform comparisons?
Date: Tue, 17 Jun 2025 20:12:59 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 118
Message-ID: <102si8b$2jrpa$1@dont-email.me>
References: <102chui$1n2i$1@nnrp.usenet.blueworldhosting.com>
 <-judnSqKqKojidf1nZ2dnZfqn_WdnZ2d@supernews.com>
 <102dtpv$2rq8$1@nnrp.usenet.blueworldhosting.com>
 <102gk3o$3a72h$1@dont-email.me>
 <102gsrn$3c813$1@dont-email.me>
 <102h1eg$3d78c$1@dont-email.me>
 <102hf8i$1nt4$1@nnrp.usenet.blueworldhosting.com>
 <102iebu$3omti$1@dont-email.me>
 <102iikt$1rs8$1@nnrp.usenet.blueworldhosting.com>
 <102k1l5$8aqu$2@dont-email.me>
 <102kk8m$2uiv$1@nnrp.usenet.blueworldhosting.com>
 <102m4eq$r1l5$1@dont-email.me>
 <102n7ab$8qe$1@nnrp.usenet.blueworldhosting.com>
 <102p31e$1kmkm$1@dont-email.me>
 <102runk$2lbt$1@nnrp.usenet.blueworldhosting.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 17 Jun 2025 22:12:59 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="16b94f5d5684571bc86ba590bfc140ba";
	logging-data="2748202"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+Fj+Iorp7oIQqopOtxLiOclVcOX5Vasp8="
User-Agent: NewsTap/5.6.1 (iPhone/iPod Touch)
Cancel-Lock: sha1:e1OvQjfxPTMPBiGdQpUUqZIXans=
	sha1:OtsX6u+40tfevPuucf+Hxu+984Q=

Marion <marion@facts.com> wrote:
> 
> 
> Now... having said that, I do get your point which is that it's raw data.
> Sure. It's raw data.
> 
> But it's good raw data.

That's a matter of opinion. 

>> One resolves to an incomplete for many reasons catalogue. The other to a
>> blog post of an analysis by an expert group. 
> 
> Chris - you claim to have earned a PhD for God's sake.
> You never heard of a bibliography?

A bibliography requires a thesis. You have no thesis. Therefore a
bibliography is meaningless. 

> Try this 2021 bibliography entry:
>  <https://citizenlab.ca/publications/>
>  "Citizen Lab's body of work is the gold standard for identifying 
>   and dissecting state-sponsored zero-day exploits, especially
>   against iOS (though they find Android ones too). Their reports 
>   are meticulously researched, detailed, and often involve reverse
>   engineering of actual zero-day exploits. They reveal how many
>   specific, critical zero-days were found and exploited on iOS 
>   devices (e.g., their "FORCEDENTRY" or "PEGASUS" reports often 
>   involved chains of multiple zero-days)."

Case in point. That link is just a list of articles and the supposed quote
doesn't exist at that URL. You are the very definition of baseless. 

> There is a *lot* of raw data and analysis in those links, right?
> That's what this thread is asking other people for help in finding.
> 
> I simply want more raw data, and/or better analysis of that raw data.
> 
> We'd have to compile their findings to get a sense of numbers over time,
> but the quality of their data is top-tier. For example, their recent (June
> 12, 2025) "Graphite Caught" report confirms another zero-click iOS 0-day.
> 
>>> If any of us had better data, then that's what we'd be discussing.
>> 
>> Your problem is that you're over interpreting the data, calling it "facts"
>> and then getting emotional when someone disagrees. 
> 
> Now that's a *different* thing altogether.
> As long as you don't flatly brazenly deny facts can exist, I'm OK with it.
> 
> If I dumb down the analysis to the lowest level, it agrees completely with
> Paul's commentary that there is MORE DATA than just the raw data.

Yet more evidence that you didn't read/understand Paul's post. 

>>> Then you agree that the CISA report shows that cumulatively iOS has about
>>> 1-1/2 times 
>> 
>> You keep repeating this phrase, but it is very unclear. Do you mean, "1x to
>> 0.5x" which means at most the same and as little as half? Which is counter
>> to your narrative. It would also be usually written "0.5 - 1.0 times". You
>> likely meant something, but wrote it poorly. 
> 
> Chris - your questions are reasonable so let's look at this from the
> simplest perspective, since the main point is Apple locked you into a
> barbed-wire prison garden "for your safety" so you'd better be safer.
> 
> Right?
> 
> The cumulative 0-day count changes every day, so let's use simple round
> numbers to explain what I mean by the rough estimate of 1.5 times more.

So by "1-1/2" you mean 1.5. And you call yourself an engineer?! lol. 

The "-" symbol is only ever the range or minus operator. Never a decimal
point.

> Over time, let's say there were 100 Android 0-days exploited in the wild.
> Then, over that same time, there are 150 iOS 0-days exploited in the wild.
> 
> SO the iOS cumulative zero-day count is *always* much greater than Android.
> By about 1.5 times (or 150 percent).

I mean, that's poor data analysis. You're extrapolating from a rough
estimate. Actual numbers matter. Why not use them?

I also cannot see how you've got your 1.5x number either from the source.
Show your workings. 

> This number is consistent because there are a large number of zero days for
> both platforms and the count only goes up by a half dozen to a dozen a
> year.

That's an annual change of 50-100%. Which is huge. 

> So iOS will *always* (in the foreseeable future) have more cumulative
> 0-days since they'd have to drastically cut down to improve that count.

Well iOS has had 1 zero-day in total over 2024 & 2025 whereas Android has
had 6. That's a pretty drastic difference. If we believe those numbers in
CISA to be absolutely comparable. Which we don't. 

>>> Where is that safety you paid so dearly for in lost functionality?
>> 
>> When did I pay dearly for safety?
> 
> The fact the iOS device can't do anything every other common consumer
> operating system does, such as provide privacy via Tor for one, is where
> you're paying dearly.

You're making many assumptions on my - and others - motivation for buying
an iphone. Unsurprisingly you're wrong. Again. 

> There are a lot more (e.g., an iOS device is so dumb it's shocking).

You're the only shockingly dumb thing involved in this topic.