top | item 34296486

(no title)

h4waii | 3 years ago

Apple has paid out about $20 million dollars in their security bounty program, and a good portion of that must be iOS-related, so much so that they offer dedicated iOS devices to researchers.

iPhones have been jailbroken by visiting a webpage, receiving a message, or joining a WiFi network.

Just about every single iOS release is patching a vuln that was reported or found in the wild being exploited.

So, really, is the "furthest iOS malware" concern being 3rd party tracking a genuine statement?

discuss

judge2020|3 years ago

Given it’s much harder to get malware through the App Store than it is to get it through the macOS notarization system (or just telling people to right click open your dmg), you certainly won’t find iOS malware affecting a large amount of users unless those users seek it out (via jailbreaks) or are individuals at risk of extremely targeted attacks, which is what lockdown mode aims to guard against: https://www.apple.com/newsroom/2022/07/apple-expands-commitm...

makeitdouble|3 years ago

You should define “malware”. There is wide variety of apps that harm users to different degrees, and I’m not sure we’re sharing the same definitions of what the App Store is supposed to protect their users from.

fsflover|3 years ago

F-Droid app store has no malware, even though it does not benefit from Apple's approach to security. All you need in practice is free software.