
About the security content of iOS 9.3 - wooster
https://support.apple.com/en-us/HT206166
======
jgrahamc
Waiting for the paper on this:

    
    
        Impact: An attacker who is able to bypass Apple's certificate pinning, 
        intercept TLS connections, inject messages, and record encrypted attachment-
        type messages may be able to read attachments
    
        Description: A cryptographic issue was addressed by rejecting duplicate 
        messages on the client.
    
        CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk, Ian Miers, 
        and Michael Rushanan of Johns Hopkins University

~~~
runesoerensen
The blog post (which includes a link to the paper) has been submitted here:
[https://news.ycombinator.com/item?id=11332377](https://news.ycombinator.com/item?id=11332377)

------
mhw
Hmm:

    
    
        CVE-2016-1752 : CESG
        CVE-2016-1750 : CESG
    

I wonder if that's [https://www.cesg.gov.uk/](https://www.cesg.gov.uk/),
which is "the Information Security Arm of GCHQ". If so I guess we should be
thankful that they saw these vulnerabilities as a risk rather than an
opportunity.

~~~
pbarnes_1
Government uses iPhones -> Government reports iPhone vulns.

~~~
matt_wulfeck
And this is exactly the way it should work.

------
kabdib
Apple's basically saying "Here are a bunch of bugs _that are not fixed in the
version of the phone the FBI has_. You don't need us, or source code, or
anything other than to hire someone to take advantage of these holes. Go
away."

Nice timing.

Probably pissed off a bunch of the intelligence community today.

------
abritishguy
So many memory corruption issues. I'd like to think in 5/10 years' time this
would be solved and everything written in a safe language, but maybe I'm being
optimistic.

~~~
knodi
That's the same thing people said 10 years ago.

~~~
wtallis
The people saying that 10 years ago were quite obviously being unrealistic.
Holding such an opinion back then was essentially predicting that C++ would be
replaced by Java, Python, etc.

Now, we've got languages like Rust that offer improved safety mechanisms
without really sacrificing expressiveness or runtime performance the way
"managed" languages do, so there's a real alternative for software that needs
the highest performance or best battery life.

------
daenney
"This issue was addressed through improved input validation." Valuable
refresher for everyone.

------
brokentone
Is the big security roll up here due to external or internal scrutiny of iOS
security spawned by the FBI inquiry perhaps?

~~~
saidajigumi
Seems doubtful. The overwhelming majority of the CVEs have external reporters
cited.

Instead, I expect iOS 10 and the fall hardware announcements are where we'll
start seeing signs of any really big changes, e.g. an Apple push to seal
itself (and government actors) completely away from customer data access.

------
kevincox
Am I reading this wrong or does it not say which devices received fixes? Or is
it not including which devices were affected?

~~~
robin_reala
The issue reports are OS level rather than device level. Every device that
can run iOS 9 gains these fixes. Full list is at
[https://www.apple.com/ios/whats-new/#compatibility](https://www.apple.com/ios/whats-new/#compatibility), but
basically iPhone 4S+ / iPad2+.

