Technology

59111 readers

4823 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

103

They Found The iPhone Backdoor (odysee.com)

submitted 10 months ago by [email protected] to c/[email protected]

18 comments fedilink hide all child comments

In this video he discusses the TriangleDB attack chain that allowed hackers to completely compromise iPhones starting with a zero click exploit and ending with a bypass of Apples hardware based memory protection.

Read more about it from Kaspersky: https://securelist.com/triangledb-triangulation-implant/110050/

top 18 comments

sorted by: hot top controversial new old

[–] [email protected] 75 points 10 months ago (4 children)

This is an astonishing attack but it has been all over the tech news already and is explained pretty well in the securelist post. I don't have any desire to watch a video.

[–] [email protected] 61 points 10 months ago

To summarise the video for you: "Yada, yada, yada... there's a blog post that covers this better, you should check it out"

[–] dgriffith 1 points 10 months ago* (last edited 10 months ago)

For me, this kind of video has a whole, "this meeting could have been an email" vibe about it.

I can skim articles for salient details at 800 words per minute just fine. I can't stand trying to seek through a 10 minute video looking at the stills to find something of importance.

Even taking into account the Wadsworth constant and cranking it up to 2x speed it just feels like a slow way to get information across, especially when it's coupled with the standard YouTube monetisation methods.

[–] [email protected] 0 points 10 months ago

The video doesn't go into the technical details about TriangleDB; that is left as a reference to the securelist article. Instead, the video discusses the background of the exploit, what has been done by others, what has been done since, and calls out some curiosities about the perpetrators.

I found the video to be a great summary and quite insightful.

[–] [email protected] 34 points 10 months ago

So… can we now have decent untethered jailbreaks again?

[–] [email protected] 6 points 10 months ago

Thank you for the video summary. That's very helpful

[–] [email protected] 4 points 10 months ago (1 children)

For those wondering: multiple security flaws that this actively exploited were fixed in iOS 16.5.1 and 17.

[–] [email protected] 1 points 10 months ago

Stay updated. Reboot daily.

[–] [email protected] 1 points 10 months ago (1 children)

A... They found A iphone backdoor. There are others as surely as there are faults with all complicated systems.

[–] [email protected] 6 points 10 months ago (1 children)

you're talking about bugs, not backdoors. A backdoor is something intentional

[–] [email protected] 7 points 10 months ago

The distinction between an accidental bug, and the deliberate back door with plausible deniability is minuscule.

Unless you find the smoking gun document stating the reason for the code being written this way, there's always going to be deniability, it's always going to be pointed out as a bug.

But I think it's immaterial, even if every back door starts off as a genuine bug, code is so large and complex that there's going to be back doors to be harvested. And cataloged. And kept in reserve for advanced persistent threat actors