Make a Contribution to Remove NSFW Ads

25 Million Android Phones Infected With Malware That ‘Hides In WhatsApp’

pookie said:
YES:hmm:... Question do you think something like what happened with Android could ever happen to a IPhone?
Click to expand...

No, because Apple doesn't allow apps that haven't been vetted in their walled garden.

This is the downside of having an open and free operating system, you have no control of it.

pookie said:
The second reply was from a guy that’s saying because he has a iPhone he doesn’t have to worry about it
Click to expand...

He is speaking specifically about a Unix kernel level access.
 
Multiple zero-day exploits found in iPhone X and Galaxy S9

November 15, 2018

Apple's iPhone X was able to be exploited due to an issue with Safari. A just-in-time vulnerability combined with an out-of-bounds write bug allows for data to be extracted from an iPhone X that is connected to Wi-Fi. The device was running the latest version of iOS 12.1. During the demonstration, Richard Zhu and Amat Cama were able to recover a deleted photo off of the device and received $50,000 as a result.

The duo also was working on baseband exploits for the iPhone X, but did not have enough time to get it working during the time of the competition. Trend Micro is expected to acquire the exploit at a later date through its Zero Day Initiative.

https://www.techspot.com/news/77442-multiple-zero-day-exploits-found-iphone-x-galaxy.html
 
Maxxam said:
Literally today:

Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping
Click to expand...
Those iPhone users don't see these problems cause they prob had to hold their phone a certain way to make phone calls or had to send their phone back cause it easily bended and cracked due to bend gate or their iPhone is slowly booting up cause Apple is purposely slowing down their old phones...next phone will guarantee to have problems like every new edition
 
And people are saying is not an OS level bug, it's just an app bug. Uhhhhh, FaceTime is exclusive to Apple only. This bug won't affect other devices, only iPhones. So yeah, it's an OS bug.
 
voyuer said:
Apple Fixes Two Zero-Day iOS Vulnerabilities Exploited in the Wild

February 11, 2019

Apple’s newly released iOS 12.1.4 includes fixes for two serious vulnerabilities that are already used by hackers. The update also fixes the FaceTime bug that allowed users to remote enable other peoples’ microphones.

The two vulnerabilities, tracked as CVE-2019-7286 and CVE-2019-7287, from the iOS advisory were exploited in the wild as 0day, Ben Hawkes, the lead of Google’s Project Zero team said on Twitter.

One flaw, CVE-2019-7286, is a memory corruption issue in the Foundation component that can allow an application to gain elevated privileges. The other, CVE-2019-7287, allows an application to execute arbitrary code with kernel privileges.

https://securityboulevard.com/2019/...ay-ios-vulnerabilities-exploited-in-the-wild/
Click to expand...

Good thing they fixed the Zero Day exploit.


voyuer said:
Multiple zero-day exploits found in iPhone X and Galaxy S9

November 15, 2018

Apple's iPhone X was able to be exploited due to an issue with Safari. A just-in-time vulnerability combined with an out-of-bounds write bug allows for data to be extracted from an iPhone X that is connected to Wi-Fi. The device was running the latest version of iOS 12.1. During the demonstration, Richard Zhu and Amat Cama were able to recover a deleted photo off of the device and received $50,000 as a result.

The duo also was working on baseband exploits for the iPhone X, but did not have enough time to get it working during the time of the competition. Trend Micro is expected to acquire the exploit at a later date through its Zero Day Initiative.

https://www.techspot.com/news/77442-multiple-zero-day-exploits-found-iphone-x-galaxy.html
Click to expand...

Sounds like they earned that 50k.

Maxxam said:
Literally today:

Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping

Also, 90% of these stories involve apps not actually in Google's store.

However, people who install random shit/cracked apps get what they deserve
Click to expand...

Thats the point.


voyuer said:
but its just a "bug."

it is not a big deal...
Click to expand...

Bugs can be fixed.

You comparing this to 25 million bots walking around?
 
TimRock said:
And people are saying is not an OS level bug, it's just an app bug. Uhhhhh, FaceTime is exclusive to Apple only. This bug won't affect other devices, only iPhones. So yeah, it's an OS bug.
Click to expand...

The term that was used was Kernel level.

If you've got Kernel level access you control the entire OS.
 
shonuff said:
Heist you still lording over being the best Fanboy Apple ever had?


by the by hows that life in Canada going? or is it Brooklyn? DC? ATL? dude gets around like a broke Jamel Bond...
Click to expand...
In opposition to what you think, I’m critical of Apple when warranted. For instance the new line of MBPs are filled with engineering issues and I won’t recommend them.

But in so much as OS & Hardware security, Blackberry followed by Apple have long been the leaders in the arena.

No system or device is imperviable to all hacking attempts and methods, but iOS & Apple is FAR more secure and security focused than Android. The sheer fact that it’s not an open OS is your first layer.

Then Apple has a chip in their devices solely dedicated to security and that’s before you get to the OS levels of security and Cloud layers of redundancy.
 
forcesteeler said:
I own a iPhone. Never will happen with the Unix security kernel in IOS
Click to expand...
You don't need a kernel to propagate malware...
If a bad guy wants to use established system calls to get kernel resources but takes advantage of other weaknesses, in another app, for example, attacks can always be carried out.
If I target the network stack? What if I target the input/output protocols of the kernel library? Are there any weaknesses in the telephony stack?

Unix and Linux both have well documented system calls that will allow any running process to gain resources.
 
thismybgolname said:
I'm talking about app stores that aren't controlled or maintained by Google.
Click to expand...
Gotcha.

There are ways to make apps comply but Google would need to "replant the walled garden", and that might be what they choose to do next in order to protect its brand.
Ultimately the user is responsible for the phone they use. More times than not, the user is the weakest link in security.
 
ScytheSalvation said:
Gotcha.

There are ways to make apps comply but Google would need to "replant the walled garden", and that might be what they choose to do next in order to protect its brand.
Ultimately the user is responsible for the phone they use. More times than not, the user is the weakest link in security.
Click to expand...

this is actually what is going to happen with Q or the next OS.

google has already started doing this with Nest.

no one on the outside has access to Nest API anymore at the end of august.
 
leonartist said:
Mac and iPhone user for over 25 years and hopefully 25 more!
Click to expand...
I'm not an android lover or iphone hater but as someone that owns both. Galaxy 4 personal and iphone 4 work. Them iPhones weak as hell. I don't want no phone that i can't log into bgol find a link 4 a cd click and download. Or 1 get on mobdro and watch the ufc fight. Apple you gotta jump thru hoops to do the most of basic shit
 

Make a Contribution to Remove NSFW Ads
You must log in or register to reply here.

Similar threads

RoomService
Google sold Android phones with hidden insecure feature, companies find
Replies
3
Views
190
Lexx Diamond
Lexx Diamond
TimRock
Google may have to sell Chrome
Replies
2
Views
165
Mrfreddygoodbud
M
MASTERBAKER
Is Facebook and Instagram down? Users report outages
Replies
0
Views
70
MASTERBAKER
MASTERBAKER
Maxxam
Stanford researchers trained an OpenAI rival in half an hour for less than $50
Replies
2
Views
101
lightbright
lightbright
playahaitian
Money: Amazon Warns 220 Million Customers Of Prime Account Attacks
Replies
3
Views
103
RUDY RAYYY MO
RUDY RAYYY MO
Back
Top