科技回声

8 条评论

neonate超过 1 年前

<a href="https://web.archive.org/web/20231229025641/https://www.kaspersky.com/about/press-releases/2023_kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case" rel="nofollow">https://web.archive.org/web/20231229025641/https://www.kaspe...</a>

jasoneckert超过 1 年前

Hector Martin (of the Asahi Linux project) has some nice commentary on it here: <a href="https://social.treehouse.systems/@marcan/111655847458820583" rel="nofollow">https://social.treehouse.systems/@marcan/111655847458820583</a>

评论 #38801443 未加载

评论 #38801425 未加载

评论 #38801434 未加载

评论 #38801475 未加载

评论 #38802010 未加载

评论 #38801419 未加载

arkadiyt超过 1 年前

The authors' Chaos Communications Congress conference talk about these exploits is up now, it was a great watch:- <a href="https://www.youtube.com/watch?v=7VWNUUldBEE" rel="nofollow">https://www.youtube.com/watch?v=7VWNUUldBEE</a>Also previous discussion:- <a href="https://news.ycombinator.com/item?id=38783112">https://news.ycombinator.com/item?id=38783112</a>

评论 #38801486 未加载

p-e-w超过 1 年前

> This is no ordinary vulnerability. Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consumingWhich, ironically, is evidence that "security through obscurity" does work, even though the authors implicitly criticize it in the same post.

评论 #38801808 未加载

评论 #38801783 未加载

评论 #38801746 未加载

评论 #38801669 未加载

评论 #38805003 未加载

评论 #38801692 未加载

greesil超过 1 年前

ELI5 por favor, is this a class of exploits that is a function of Apple's architecture, kind of like how specter was for the whole branch prediction thing IIRC? Or is this something that can be fixed with a software update and no performance impact.

评论 #38801593 未加载

评论 #38801701 未加载

collsni超过 1 年前

This is no normal vulnerability. Nation state insider?Nation state backdoor?

评论 #38801733 未加载

评论 #38801600 未加载

joshspankit超过 1 年前

Remember when someone discovering a powerful vulnerability meant that the community could find a solution and maybe even create a patch for everyone else?Feels like that reality was far more secure than the current closed-source siloed one.

samstave超过 1 年前

ELI5/OOL: impact?

评论 #38801488 未加载

8 条评论

neonate超过 1 年前

jasoneckert超过 1 年前

评论 #38801443 未加载

评论 #38801425 未加载

评论 #38801434 未加载

评论 #38801475 未加载

评论 #38802010 未加载

评论 #38801419 未加载

arkadiyt超过 1 年前

评论 #38801486 未加载

p-e-w超过 1 年前

评论 #38801808 未加载

评论 #38801783 未加载

评论 #38801746 未加载

评论 #38801669 未加载

评论 #38805003 未加载

评论 #38801692 未加载

greesil超过 1 年前

评论 #38801593 未加载

评论 #38801701 未加载

collsni超过 1 年前

This is no normal vulnerability. Nation state insider?Nation state backdoor?

评论 #38801733 未加载

评论 #38801600 未加载

joshspankit超过 1 年前

samstave超过 1 年前

ELI5/OOL: impact?

评论 #38801488 未加载

Kaspersky discloses iPhone hardware feature vital in Operation Triangulation

8 条评论

Kaspersky discloses iPhone hardware feature vital in Operation Triangulation

8 条评论