Comment by stefan_
2 years ago
I remember people were very passionately arguing iMessage can only be secure if the only client is the Apple sanctioned one
> the unknown attackers kept their campaign alive simply by sending devices a new malicious iMessage text shortly after devices were restarted.
There are different aspects of security here. iMessage is tied to a physical device, so if you want to spam people, you have to purchase and burn through iPhones.
Rate limiting phishing attacks is certainly a useful security feature, but it does nothing to protect against targeted attacks.