Comment by Joel_Mckay
18 days ago
Indeed, likely as secure as the VPNs run by intelligence contractors.
1. iOS has well-known poorly documented zero-click exploits
2. Firms are required to retain your activity logs for 3 months
3. It is illegal for a firm to deny or disclose sealed warrants on US soil, and it is up to 1 judge whether to rummage through your trash. If I recall it was around 8 out of 18000 searches were rejected.
It is only about $23 to MITM someones phone now, and it is not always domestic agencies pulling that off. =3
> 1. iOS has well-known poorly documented zero-click exploits
PoC || GTFO, to use the vernacular.
If you're talking about historical bugs, don't forget the update adoption curves.
No one will hand over the several $1m 0-day as PoC for free, as there are grey-market products based on the same tired exploits.
"Not My Circus, Not My Monkeys" as they say. =3
My understanding is that there is current consensus that active iOS 0days are not likely to be available at the LE level.