
Comment by markus_zhang

1 year ago

If they really need the security, considering how the other party went to such trouble to hack their phones, this is probably true, then they should not allow any smartphone into the facility.

This has been done many times before by other companies. Huawei used to do a lot of closed-door development -- everyone on the team lives in a hotel for a few months without phones and cannot get out. If your adversary burnt so many zero-days and maybe also pulled some strings to hack you, you absolutely should do this.

It's possible someone wants to hack you more than you want to defend against it.

Or it's possible you are using your development processes more like a honeypot to trap the attackers. I suspect that was the case here - it's awfully hard to analyze a modern exploit unless you manage to get it to install on a phone you are already monitoring.

(All new exploits are 'single install' - i.e. the exploit will retrieve most of its code from a server which will only send the data once, and then immediately after use the exploit code will be deleted. That makes recording the exploit hard.)