Except that iMessage is a perpetual source of security concerns. Once that becomes unsupported, you’ll likely have exploitable code, where the exploit is publicly and widely known (but patched on newer versions).
iMessage is a "perpetual source of security concerns" because it is a remotely triggerable target. That's it.
If everyone is using message service X, then we'll start seeing more attacks on X.
The exploits we've seen over the last few years haven't been in iMessage the app, they've been in a host of different things. The most recent security brouhaha was apparently in the webp library[1] that also effected chrome, webkit, Firefox, every electron app, and I assume every app on android, iOS, macOS, that uses system image decoders, etc. But if you want a specific target then you aren't going to use something like a random webpage or phishing email if you have something that you can guarantee will go to only one device that you know is exploitable, and you can guarantee how it will be handled - i.e. the builtin system messaging apps.
[1] and even here the attack didn't happen from iMessage
I don't know if you're specifically referring to X, the artist formerly known as Twitter, but regardless, no; iMessage runs with unique privileges and capabilities that are not available to ordinary messaging services.
olliej|2 years ago
If everyone is using message service X, then we'll start seeing more attacks on X.
The exploits we've seen over the last few years haven't been in iMessage the app, they've been in a host of different things. The most recent security brouhaha was apparently in the webp library[1] that also effected chrome, webkit, Firefox, every electron app, and I assume every app on android, iOS, macOS, that uses system image decoders, etc. But if you want a specific target then you aren't going to use something like a random webpage or phishing email if you have something that you can guarantee will go to only one device that you know is exploitable, and you can guarantee how it will be handled - i.e. the builtin system messaging apps.
[1] and even here the attack didn't happen from iMessage
superq|2 years ago
dangus|2 years ago
WirelessGigabit|2 years ago
unknown|2 years ago
[deleted]