Deutsch English Français Italiano |
<utd0pn$1hqpd$1@paganini.bofh.team> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!news.mixmin.net!weretis.net!feeder8.news.weretis.net!paganini.bofh.team!not-for-mail From: Sten deJoode <StendeJood@nospam.net> Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.system,comp.mobile.ipad Subject: Re: Are iPhones subject to ransomware attacks? Date: Tue, 19 Mar 2024 17:41:10 -0400 Organization: To protect and to server Message-ID: <utd0pn$1hqpd$1@paganini.bofh.team> References: <ut26gf$2e534$1@dont-email.me> <l5jvq8Fj8sdU1@mid.individual.net> <ut45bs$itts$1@paganini.bofh.team> <l5lsi4Fs60gU1@mid.individual.net> <ut7p0q$10ih8$1@paganini.bofh.team> <l5pbvaFdsdbU1@mid.individual.net> <65f77da3$0$3158686$882e4bbb@reader.netnews.com> <l5puflFges3U1@mid.individual.net> <0001HW.2BA85B9000464F4570000C9D138F@news.eternal-september.org> <65f833a3$0$2187653$882e4bbb@reader.netnews.com> <l5r52lFm4ctU1@mid.individual.net> <0001HW.2BA8C97000600F7170000C5B938F@news.supernews.com> <65f939fc$0$6398$882e4bbb@reader.netnews.com> <0001HW.2BA9E42F002C8A0A70000989438F@news.supernews.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit Injection-Date: Tue, 19 Mar 2024 21:41:12 -0000 (UTC) Injection-Info: paganini.bofh.team; logging-data="1633069"; posting-host="KwzIAAXG6Ff1eRCAVfbVhg.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A"; User-Agent: 40tude_Dialog/2.0.15.41 (Beta 38) Cancel-Lock: sha256:F+BjCdAnEd0Ht2/dqUTg8WZOeHh1enXA9TFh+6QLq28= X-Notice: Filtered by postfilter v. 0.9.3 Bytes: 4880 Lines: 75 On Tue, 19 Mar 2024 11:18:07 -0400, WolfFan wrote: > a zero-day is, by definition, something new and unexpected. That's not entirely correct, where the nuance is where it matters. Why do you think iOS is the most exploited smartphone OS in history? <https://www.cisa.gov/known-exploited-vulnerabilities-catalog> Given Apple has more zero-days in iOS by many times over than Android, the real distinction of what a zero day is for such an Apple newsgroup, is that *it's only Apple who is unaware of its zero-day bugs*. Everyone who is writing malware knows about these zero-days before Apple, and, the proof is all of them are _reported_ to Apple (who was clueless). Apple's QA by all accounts is atrocious. So bad, the same zero-day bugs shows up in subsequent releases, even after Apple fixed them once. That's how terrible Apple's QA is (even Federighi complained about QA). Apple has had so many zero-day bugs in the kernel and webkit that I stopped counting, but the point is that they sell these things on the black market. What a zero-day is, in this context, is a bug that is known to everyone (who is writing malware) but which is not yet known to Apple. > It is perfectly > possible to block known attacks. And yet Apple's QA is so non existent that multiple times they had to fix the same zero-day bug in subsequent releases, because they made it again! > it is impossible to block unknown attacks, What? Are you nuts? You block against what can happen. Such as buffer overflows (which are the root of a bulk of the attacks). What you're really saying is Apple spends all their money on advertising that they tested the system instead of actually testing the system. It's why only one company in all of high tech has the lowest R&D spend in the world - adn that's Apple. Steve Jobs had to defend it then and it's still the case now that Apple spends 10 times more on advertising than R&D. > as YOU HAVE NO FUCKING IDEA WHERE THE ATTACK IS COMING FROM OR HOW IT WILL BE > MADE, BECAUSE THE ATTACK IS *NEW* AND *FROM AN UNEXPECTED SOURCE*. WTF? Are you nuts? Google reported that Apple hasn't ever tested, nor even exercised about 10% of teh code in iOS that Google analyzed for the Project Zero effort. Google counted something like a dozen cases (which they responsibly reported to Apple) where the code was so bad, it was essentially a bug in and of itself. Since Apple never tests their iOS code sufficiently, it's clear that Apple could spend some of that money they spent in advertising a silly yellow iPhone instead on some QA in the R&D run by Craig Federighi. Don't you remember the leaked email from Federighi telling QA to start testing? Apple has _never_ sufficiently tested any of its code for bugs. Apple advertises white papers instead saying it's impossible to have them. > You are incapable of reading for comprehension. You have no idea that Apple's basic strategy is to spend money on marketing instead of on R&D which is one of the reasons why iOS is, by far, the most exploited smartphone operating system in the history of smartphones. <https://www.cisa.gov/known-exploited-vulnerabilities-catalog> Apple never finds its zero-day bugs... hackers find them for Apple.