Comment by SrslyJosh
4 years ago
This will go great with zero-click iMessage exploits like this one: https://9to5mac.com/2021/07/19/zero-click-imessage-exploit/
Edit: Actually, this won't even require an exploit if they also scan media for people who have enabled "iMessage in iCloud".
Just send someone an image in the DB (or an image that's been engineered to generate a false positive) and wait for them to get raided.
Yup, there is now a single API call for planting an evidence onto dissident's phone and sending a SWAT team to retrieve him.
Authoritarian regimes love this.
One could envision false positive images that don’t even display in iMessage when sent or that are nested in other file types, etc.