An extension to the link [1] above is: the price NSO pays for android zero click is higher than the price they pay foriPhone zero click exploits. This implies they do indeed a catalog of iOS exploits stashed.
I've heard a few people theorize about why Android exploits seem to pay more. The theory is that Android is 1) very fragmented, with each manufacturer having different versions and modifications and 2) updates are much slower/non existent.
To get the top payout, you'd need to come up with something that works across all manufacturers versions of Android and probably across 4 or 5 major versions. You might be able to find an exploit for all Androids running version x, but if that version only has 10% of the android market, you wouldn't get a full payout.
iOS users tend to heavily be on the latest version, or one version behind at most. As an example, most recent iOS exploits in the wild seem to be using iMessages. On iOS, you can focus your efforts at one thing. On Android? Your surface area is much smaller because each manufacturer is going to be shipping their own messenger app, for example.
Looks like there's finally a benefit to Android OS being such a clusterfuck with some many versions being currently active on a significant portion of devices. Not updating quickly increases the number of versions floating around.
The link is about Zerodium, not NSO. Also, 2.5M $ vs 2M $ is not a meaningful difference, neither presents a meaningful road bump to competent attackers. But your point that it indicates a robust stash is fair. They 100% do.
Note that the article is from 2019. The iOS 14 made significant changes to the way messages are processed by adding sandboxing and isolation. Here's a post by Project Zero evaluating the improvements: https://googleprojectzero.blogspot.com/2021/01/a-look-at-ime...
It doesn't really imply anything because iPhone's global market share is less than 30% with customers concentrated in North America and China, both danger zones for NSO operations. Android exploits might also take far longer to patch across all vendors and users might take longer to update compared to iOS.
It's fairly probable that iPhone exploits are just less valuable to a shady intel operation that sells mostly to small authoritarian regimes.
Your comment is not considering that these governments are more likely to target politicians and journalists which are more likely to use iPhone regardless of where they are located. I don’t know if the implication that iPhone is less secure holds but it’s likely.
gorbypark|2 years ago
To get the top payout, you'd need to come up with something that works across all manufacturers versions of Android and probably across 4 or 5 major versions. You might be able to find an exploit for all Androids running version x, but if that version only has 10% of the android market, you wouldn't get a full payout.
iOS users tend to heavily be on the latest version, or one version behind at most. As an example, most recent iOS exploits in the wild seem to be using iMessages. On iOS, you can focus your efforts at one thing. On Android? Your surface area is much smaller because each manufacturer is going to be shipping their own messenger app, for example.
ranndino|2 years ago
Veserv|2 years ago
mh8h|2 years ago
civilitty|2 years ago
It's fairly probable that iPhone exploits are just less valuable to a shady intel operation that sells mostly to small authoritarian regimes.
henry2023|2 years ago