Comment by vayup
5 months ago
In theory, it is a 1/15 chance of successful attack. Which is a terribly low success rate of attack prevention.
In practice, it is 15/16 chance of detection of the exploit attempt. Which is an extraordinarily high rate of detection, which will lead to a fix by Apple.
Net net, huge win. But I agree they come across as overstating the prevention aspect.
1/16 is a miserable rate for commercial spyware; it would be very difficult to sell this kind of product for a remote 0- or 1-click attack.
It’s miserable today because you’d be competing with others selling deterministic attacks.
But what if the only thing available to purchase is 1/16 or 1/256? Then maybe it’s not so miserable.
I trust that people will find a way to make deterministic attacks, I just think they will charge through the nose for it.