Why did this take so long? The alternate thread pointing at the citizenlab report [1] says that "In March 2021, we examined... and determined that they had been hacked"
It's September. The NYTimes says: "Apple’s security team has been working around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with spyware from NSO Group."
So has Apple been sitting on this since March, or has CitizenLab?
As the story clearly indicates, they re-examined backups and recently made a very valuable discovery that everyone should be extremely thankful for. And Apple turned around a worldwide patch for a billion plus devices in less than a week after being notified.
I'd rather the flaw wasn't there in the first place, but a remarkable effort by both parties given that it was there.
Maybe the fearmongers are right, and we've truly reached a post-privacy world. Frankly, I don't know how else you'd describe it: your phone, smartwatch or computer can all be silently hacked without your knowledge (or any easy way to verify that you're infected). You can't visualize or control how your personal data is propagated, and the cherry on top is that it's all a laissez-faire exploit carnival. I don't know if it's fair to call Apple culpable here, but it is fair to say that your phone (and data) is at risk.
On a sidenote: If you would like to read this article without giving away your email address or signing in, activate the 'Reader' option in your browser.
It should be mandatory to notify people if they've been exploited when updating, also give better info on this incident no?
A normal smaller tech company is expected to create an advanced description of what happened. Apple doesn't give any info at all to regular users, no one i know has heard about this, not even seen a "very important to update" message, just a silent "update 11.6".
In my mind everyone with an Apple device should get a huge warning pop up on their screen with the text "everything on your computer has been potentially compromised - update now to remedy (for now at least)" in all caps.
If it's a managed device, the owning organization can block it. If it's a personal device you may have to dig into the settings to explicitly update it, or they're staggering the release.
> It's ok to post stories from sites with paywalls that have workarounds.
> In comments, it's ok to ask how to read an article and to help other users do so. But please don't post complaints about paywalls. Those are off topic.
[+] [-] defaulty|4 years ago|reply
It's September. The NYTimes says: "Apple’s security team has been working around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with spyware from NSO Group."
So has Apple been sitting on this since March, or has CitizenLab?
[1] https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage...
[+] [-] defaultname|4 years ago|reply
I'd rather the flaw wasn't there in the first place, but a remarkable effort by both parties given that it was there.
[+] [-] detaro|4 years ago|reply
> Recent re-analysis of the backup yielded
Further down has the timeline of when Apple was informed and acted.
EDIT: and for completeness link to the mentioned other discussion, which makes this a dupe: https://news.ycombinator.com/item?id=28516095
[+] [-] smoldesu|4 years ago|reply
[+] [-] HendrikR|4 years ago|reply
[+] [-] FabHK|4 years ago|reply
[+] [-] BigMajestic|4 years ago|reply
[+] [-] kossTKR|4 years ago|reply
A normal smaller tech company is expected to create an advanced description of what happened. Apple doesn't give any info at all to regular users, no one i know has heard about this, not even seen a "very important to update" message, just a silent "update 11.6".
In my mind everyone with an Apple device should get a huge warning pop up on their screen with the text "everything on your computer has been potentially compromised - update now to remedy (for now at least)" in all caps.
[+] [-] tpmx|4 years ago|reply
macOS 11.6: https://support.apple.com/en-us/HT212804
[+] [-] jumelles|4 years ago|reply
[+] [-] r00fus|4 years ago|reply
[+] [-] less_corn|4 years ago|reply
[deleted]
[+] [-] sixhobbits|4 years ago|reply
> It's ok to post stories from sites with paywalls that have workarounds.
> In comments, it's ok to ask how to read an article and to help other users do so. But please don't post complaints about paywalls. Those are off topic.
https://news.ycombinator.com/newsfaq.html
[+] [-] defaulty|4 years ago|reply
But then you have to actually read NYTimes, which reading the agenda they push can be a different type of infuriating.