Comment by FergusArgyll

2 years ago

> “Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consuming, requiring a comprehensive understanding of both hardware and software architectures... " -Kaspersky researcher Boris Larin

supports your point but it's not an easy argument to win either way. It's "everyone can see it so the good guys will find it first" vs "bad guys have harder time discovering vulns but once they do they have gold"

12 comments

FergusArgyll

manuelabeledo 2 years ago

To be fair, that was just Kaspersky taking a jab at Apple, after being absolutely gutted by hackers because of their own poor security posture.

saagarjha 2 years ago
I don’t really see anything wrong with their security posture here.
- manuelabeledo 2 years ago
  
  For starters, it took them four years to detect an intrusion that takes advantage of a messaging service (iMessage) that wasn't the corporate choice for internal communications, and allowed the exfiltration of gigabytes of data from the C-suite and high level managers.
  This is Kaspersky. They had to be aware of the long history of iMessage security bugs. They could have disabled it. They chose to ignore it instead.
  
  2 replies →
- gghffguhvc 2 years ago
  
  Article says large data files were sent from device to servers. Perhaps they could have configured their networks to detect/block this part.
  
  5 replies →