Sujet : Re: Almost every iOS & macOS app has had huge vulnerabilities for over a decade
De : jollyroger (at) *nospam* pobox.com (Jolly Roger)
Groupes : uk.telecom.mobile misc.phone.mobile.iphone comp.sys.mac.system comp.mobile.ipadDate : 03. Jul 2024, 16:46:32
Autres entêtes
Organisation : People for the Ethical Treatment of Pirates
Message-ID : <lela2oF7jrrU1@mid.individual.net>
References : 1 2
User-Agent : slrn/1.0.3 (Darwin)
On 2024-07-03, Chris <
ithinkiam@gmail.com> wrote:
Peter <confused@nospam.net> wrote:
A near inconceivable number of Apple iPhone & macOS apps have been
exposed to critical vulnerabilities in a popular dependency manager
for over 10 Years such that over three million CocoaPods-built iOS
and macOS apps have been vulnerable for over a decade, unbeknownst to
Apple & its test teams.
>
This is very concerning, however the bit you omitted is that these
vulnerabilities were patched late last year.
>
The most important thing people can do is keep their apps and iOS up
to date. And maybe reconsider using apps that haven't been updated
since October 2023.
>
It's also worth mentioning that this was a vulnerability explicitly
possible because of the open source model. Had CocoaPods not been
available on github it would have been possible to exploit as easily
or at all.
Such level-headed nuance is to be ignored, because: troll.
-- E-mail sent to this address may be devoured by my ravenous SPAM filter.I often ignore posts from Google. Use a real news client instead.JR