
iVerify, an app that tells you if you're hacked - withzombies
https://blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/
======
Wowfunhappy
> iVerify periodically scans your device for anomalies that might indicate
> it’s been compromised, gives you a detailed report on what was detected, and
> provides actionable advice on how to proceed.

How can that possibly work in a meaningful way when the app is sandboxed on
iOS?

~~~
elizabethw
It can only detect noisy compromises of the phone. So it can detect the public
jailbreaks but it won't detect state level malware.
[https://able.bio/elizabethwind11/testing-iverify--
12unx2t](https://able.bio/elizabethwind11/testing-iverify--12unx2t)

~~~
dguido
Thanks for your review, however, I wouldn't go as far to say that.

You don't know what a given nation-state will do or what tools they will use.
It's likely that many of them use lightly modified, off-the-shelf tools.
Additionally, guides in the app offer the possibility to discover avenues of
compromise we cannot automatically detect (e.g., Gmail settings, Apple
profiles, etc).

You're also looking at our 'minimum viable product'. We'll continue to enhance
the detections over time, introducing new ones in updates that we expect will
take people by surprise. We'll address the specific technique you described in
your blog in a future version.

Finally, where you and I agree is that comprehensiveness of the checks are
limited by Apple's own sandbox. As an app in the App Store, we're limited to
using only public APIs. However, we also have an enterprise app that is
capable of using significantly enhanced checks when distribution via MDM is an
option.

I acknowledge, in the app FAQ and in interviews, that this is not a complete
solution to securing iOS, however, it is the best possible you can do within
the constraints provided by Apple. I think we'll be surprised by what we find
as more people install the app and its detections continue to mature.

