Re: Careless Apple FINALLY patches iPhone exploit that allowed for 'extremely sophisticated' attack

Liste des GroupesRevenir à cm android 
Sujet : Re: Careless Apple FINALLY patches iPhone exploit that allowed for 'extremely sophisticated' attack
De : mummycullen (at) *nospam* gmail-dot-com.no-spam.invalid (MummyChunk)
Groupes : comp.mobile.android
Date : 12. Feb 2025, 22:40:11
Autres entêtes
Message-ID : <Gf6dnTp706GmiDD6nZ2dnZfqnPqdnZ2d@giganews.com>
References : 1
User-Agent : newsSync 683722208
Warren wrote:
A new iPhone update patches a flaw that could allow an attacker to turn
off a nearly seven-year-old USB security feature. Apple's release notes
for iOS 18.3.1 and iPadOS 18.3.1 say the bug, which allowed the
deactivation of USB Restricted Mode, "may have been exploited in an
extremely sophisticated attack against specific targeted individuals."
 The release notes describe the now-patched security flaw as allowing "a
physical attack," which suggests the attacker needed the device in hand to
exploit it. So, unless your device was hijacked by "extremely
sophisticated" attackers, there was nothing to panic about even before
Monday's update.
 USB Restricted Mode, introduced in iOS 11.4.1, prevents USB accessories
from accessing your device's data if it hasn't been unlocked for an hour.
The idea is to protect your iPhone or iPad from law enforcement devices
like Cellebrite and Graykey. It's also the reason for the message asking
you to unlock your device before connecting it to a Mac or Windows PC.
 Aligned with its typical policy, Apple didn't detail who or what entity
used the attack in the wild, only noting that the company is "aware of a
report that this issue may have been exploited." Security researcher Bill
Marczak of the University of Toronto's Citizen Lab reported the flaw. In
2016, while in grad school, he discovered the iPhone's first known zero-
day remote jailbreak, which a cyberwarfare company sold to governments.
 You can make sure USB Restricted Mode is activated by heading to Settings
Face ID (or Touch ID) & Passcode. Scroll down to "Accessories" in the
list and ensure the toggle is off, which it is by default. Somewhat
confusingly, toggling the setting off means the security feature is on
because it lists features with allowed access.
 As usual, you can install the update by heading to Settings > General
>
Software Update on your iPhone or iPad.
 Smarter people will just buy a much superior Android and take the other
half out to a very nice dinner.
 https://www.engadget.com/cybersecurity/apple-patches-iphone-exploit-that-
allowed-for-extremely-sophisticated-attack-214237852.html
In these situations - do LEO agencies you them to unlock all the iPhones they
have been holding on to for years? This is a response to the post seen at:
http://www.jlaforums.com/viewtopic.php?p=683625707#683625707

Date Sujet#  Auteur
12 Feb 25 o Re: Careless Apple FINALLY patches iPhone exploit that allowed for 'extremely sophisticated' attack1MummyChunk

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal