Hacker News new | past | comments | ask | show | jobs | submit login
Google says hackers have put 'monitoring implants' in iPhones for years (theguardian.com)
47 points by adrianmsmith 48 days ago | hide | past | web | favorite | 8 comments

You can read about it from Project Zero here: https://googleprojectzero.blogspot.com/2019/08/a-very-deep-d...

That page answers all your questions about which devices were vulnerable and for how long.

Note that this article is also currently in the #1 spot on HN.

Google TAG gave Apple a 7-day deadline...and Apple met it. That’s amazing.

Interesting, article but lacking a lot of details.

This coming from Google, a direct competitor, certainly also looks a bit marketing phishy.

After the very recent large scale Google Play malware campaigns were uncovered (like CamScanner) it appears also pretty well timed to distract and divert from Google's own problems.

It is interesting, given that Google's approval process for apps seems obviously less comprehensive than Apple's. Of course, neither is perfect.

they fail to note which versions/devices are vulnerable, i suspect this must use some sort of webkit jailbreak method which only works against a handful of vulnerable device/os combos (they may have an 0day which works against every ios variant but i highly doubt it)

yet more overly sensational articles that miss the finer details and only serve to fill people up with fear and doubt. le sigh

Basically all supported iPhone models (5s through X inclusive) were not just vulnerable but actively exploited for over 2 years (September 2016 through January 2019) until the vulnerabilities were fixed in iOS 12.1.4. The attack was through the web browser, you didn't need to install any additional any additional apps to get hacked, visiting the attacker's website was enough. This is as bad as it sounds.


well shut my mouth, that is far more advanced than i expected it to be, hats off to them for actually getting it to work on that level in the wild rather than just in lab settings is pretty damn impressive

i know im probably supposed to say its "bad" or "evil" but that doesnt mean i cant be technically impressed, i was one of the poor unfortunate fools to get a system crushed by the CIH virus back in the day but it didnt stop me being pretty blown away at what it did

Who was behind this one? This seems to be incredibly severe.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact