Apple fixes an in-the-wild exploited 0-day (iOS 14.7.1)

Correct. The issue is that Apple takes security systems designed as a defense against local attackers and uses them as a bulwark against their own customers.

Come to think of it, maybe that could be the basis of a right-to-repair law: companies which sell hardware products that restrict functionality or access to those who know some secret value must divulge those secrets to the device owner upon request at the time of purchase.

The only issue I can think of with a law like that is that it'd make DRM significantly less effective, though IMO that's not necessarily a bad thing.

Jailbreaks require 0 days. What’s amazing is that they keep coming out despite the prices being so high and the game already having been played for so long.

Just a shame it won’t be in iOS 15.

There is a difference. Not all 0days are jailbreaks. All jailbreaks are unpatched 0days.

All tall people are human. Not all humans are tall.

You're free to tinker with an iPhone however you want, it just might require you to be smart enough to work around the built-in security measures.

You are absolutely right. The manufacturer and the law has no say on the usage of a device I own. And still I cannot expect them to support a way of usage that was never intended. So Apple shouldn't be (and isn't) able to sue jailbreakers, but they don't have to make it easy for them.

I’m not disputing the right to do whatever you want with your phone.

My comment was specifically targeting the fact that jail breaking somehow encourages people to develop means of circumventing the security of devices. This is when this becomes dangerous - suddenly it has the potential to hurt unsuspecting users. Saying that the responsibility is with Apple (or Google) to make this possible feels like a straw man argument - their job is to earn money (no illusions there) and keep users safe, even if it means making it harder to tinker (which also helps them earn money)

Arbitrary separating the hardware from the OS is not the same thing as the manufacturer having a say on usage. Like I am free to use my car how I want, but that I may not be able to easily repair it or swap parts like the seats or the engine is another problem.

The key difference is with Android you can take responsibility for your own security if you choose; it's a Linux not so different to any other.

On iPhone you don't have that option, and you have no way of knowing if your phone was compromised.

But none work with Apple Watches, nor do they work with iMessage.

> Around that time iOS was still pretty limited in what you could do

I'd argue it still is.

I can't install a third party web browser that doesn't use WebKit.

I can't select alternative default apps to most apps bundled with the OS.

I still can't unlock the bootloader.

I still can't browse the entire filesystem.

People who espouse the virtues of jailbreaking on iOS tend to forget one big thing... the exploits that are used to jailbreak are also exploits used by malware creators to compromise the system.

The primary point of jailbreaking is to be able to run native apps not approved by or banned by Apple and that is something you still cannot do.

> Also, with a jailbreak, I own my data. iOS (Android too, I believe) actively prevents some data from being backed up or copied otherwise.

The primary area you see this is with applications which have flagged that data as sensitive so it won't be included on unecrypted backups (which includes iCloud). This is somewhat important for security — for example, you reasonably do not want TOTP seeds floating around invalidating your second factor security model — but it means you have a problem if an application you care about uses that feature in a way you don't anticipate.

> Also, with a jailbreak, I own my data.

Also with a jailbreak, other people own your data too. A jailbreak is an exploit. A hammer can be used to drive in a nail (jailbreak) or it can be used to smash windows (malware.) Same tool in the end.

The very act of jailbreaking is what keeps your system vulnerable to the same exploits used by malicious actors.

So get another phone.

Sideloading apps is not a feature of iOS. It is also illegal unless the app explicitly allows it in their license. If you need to be able to side load apps, you need a device intended for this purpose.

Regarding data, all user data on iOS is backed up either through iCloud and/or on your Mac.

I guess that retroactively justifies my decision to keep my iOS devices on 14.5 at least...

That really doesn’t sound very ethical though. An exploit can literally put people in danger. Holding back on reporting just so a few enthusiasts can fiddle with parts of their phone nobody intended for them to use is plain irresponsible… even antisocial.

The GP said that they buy up these other vendor's supply chain making where other device manufactures cannot use them. So if you want the specific features in Apple devices, you have to get the Apple device. I can't imagine this is done by accident by Apple.

Best is relative. Fastest, however, is usually accurate. Ever since they started designing their own chips.

I didn't say that. Their MacGyvered memory-safe iBoot implementation [1] shows that it's at least a consideration and that they're exploring ways to shore up vulnerable components.

Swift is not (currently) a viable replacement for C.

I'm not saying they should rewrite the entire OS immediately, but: given the pace at which they're able to pump out new marketable features; the massive deployed base of iOS devices; and the sensitivity of the data that is kept on those devices, I would argue that they damn well better have a long-term plan to replace their bug-ridden kernel and other important low-level systems, with code that isn't vulnerable to classes of bugs that have been solved for decades and are frequently exploited in the wild. And I'm not just talking about Apple here.

[1] https://support.apple.com/guide/security/memory-safe-iboot-i...

Clearly they don't care enough to force their own employees to use it, which is how we got the absolute utter crap that is a proprietary 802.11 protocol implementation in the kernel and the endless streams of ObjectiveC userland exploits.

Is the implication here that Apple doesn't value memory-safety? Why would you say that?

Presumably because they also said

> iOS is hundreds of millions of lines of C and C++

and Apple did write a whole new operating system that way not so long ago despite the well-known safety issues of doing so. If any company in the world has the resources to incrementally rewrite an entire operating system with huge numbers of active users today so that the attack surface becomes progressively smaller, it's Apple.

Looking at web browsers it doesn't matter how much reviewing and hardening you do, some of this just can't be 100% secured.

Fair question, it's a shame you're being downvoted for it. I do agree that there is no apparent profit motive to do much more than lip service and short-term damage control, although Pegasus might start to change that, we'll see.

It's important in the same way that phasing out ICE cars is important -- important for society, but unlikely to happen in a timely manner without regulation.

Here's a fun strawman: the EU or California could announce limits on the sale of products relative to the number of lines of memory-unsafe code used to build them, starting in a few years.

You're comparing a kernel to a full graphical OS though with tons of included apps and frameworks.

A door would need thousands of doorknobs for that analogy to make sense.

> Someone breaking into my house 10 times by jiggling the same doorknob a contractor told me they “fixed” would be very concerning.

The complexity is not the same. My grandfather is not questionning my ability to fix his computer that “breaks” once in a while just because I already fixed it the last time.

How’s your battery usage though, with the cell radio on (compared to wifi)?

Battery crapping out is still a major taboo with iOS updates, I believe.

Yeah, that needs to change.

It should probably have to be turned on explicitly, because a lot of people are still on spendy OTA plans, but it should be an option.

Whoa! Where do you live?

My iPhone 11 Pro downloaded over 900 Mb and it was up to date until now.

More than enough of them would be on mobile networks to cripple those networks (even if not sharing, they'd at least be downloading).

I don't think the install duration is new. Most of the security updates on MacOS 10.15 have taken about 15-20 minutes to install on my 2020 MBP. And the first stage claims that it will only be a couple of minutes. Annoying as hell.

That doesn't mean that we should just ignore efficiency. Smaller downloads means less bandwidth required on apple's side as well.

This also ignores that not everyone has stellar connection speeds, and that some people -do- have bandwidth caps (also, let's ignore that people are often mobile). Developers really need to stop making assumptions about people's hardware or internet speeds... and just do their jobs and make efficient designs. Maybe one day everyone will have super beefy machines on fiber optic networks with 10gb nics, but that's not the reality as of now.

If a patch needs to be 2gb, then so be it. But if it could be 100mb, then that's certainly better and something to strive for.

> Data transfer isn’t a finite resource like oil or gas.

It absolutely is for many people. Not everyone has unlimited services. Even on fixed line services many are limited.

>Data transfer isn’t a finite resource like oil or gas.

Clearly you haven't seen those crappy limited data ISP contracts floating around. It's an issue for some people.