Comment by theshrike79
8 months ago
The amount of money you can get for a iPhone 0day confirms it.
If they were playing fast and loose with cryptography and encryption, we'd have a lot more exploits in the open.
8 months ago
The amount of money you can get for a iPhone 0day confirms it.
If they were playing fast and loose with cryptography and encryption, we'd have a lot more exploits in the open.
What do you mean by that? I don't think this follows at all.
If iPhones had flaws in the encryption or security, they WOULD be exploited and monetised.
A zero day remote attack on an iOS device is worth so much money that you have to be _really_ ethical as a hacker not to sell it and report it to Apple for a small reward instead.
The last time one was deployed "publicly" was against Jeff Bezos (or his wife) - one of the top10 richest people in the world anyway. And then it was patched for everyone.
Apple owns the code and all it's visibility - you're not allowed to see it.
They don't need a 0 day to compromise your device, they can just choose to do it at any point. You're simply trusting they don't.
8 replies →
>The amount of money you can get for a iPhone 0day confirms it.
Less than for an Android 0day then. Yes, it's quite telling.
You got it wrong.
An iOS 0day would be far more valuable, confirmed by the rest of the thread above.
No, an iOS 0day _is_ less valuable. Every exploit acquisition program pays out more for an Android RCE than it does for an iOS RCE. And it's not surprising: give iMessage a mean look and a .png that looks funny and it breaks under the pressure.
The rest of the thread above is merely the delusions of an Apple fanboy, followed by dozens of people listing out reasons why an iPhone is more vulnerable to attacks, both from external actors _and_ from Apple collecting massive amounts of data and having total remote control of "your" device.