techlogik77
About
- Username
- techlogik77
- Joined
- Visits
- 0
- Last Active
- Roles
- member
- Points
- 5
- Badges
- 0
- Posts
- 1
Reactions
-
Apple Silicon vulnerability leaks encryption keys, and can't be patched easily
maltz said:twolf2919 said:As most attacks, this requires you - at the very least - to download and run an app of unknown origin. Don't do that.
Well, it's not always that simple. A couple of times a year there's a security issue that allows arbitrary code execution when processing an image or some other type of data - sometimes already in the wild. If your un-patched phone visits a website with such malicious content, or sometimes even receive a text containing it, you've "downloaded an app of unknown origin" and run it without even knowing it.
Sure it can - to a point. The app store definitely scans app code for malicious activity such as this. It's a cat-and-mouse game, though, as malware tries to obfuscate what it's doing. So it's not perfect, but it's far from useless.VictorMortimer said:Because the reality is that this can be hidden just about anywhere in a closed source app, and your precious app store can't protect you.Was going to post something similar to the above. The hidden print flaw and 2 other zero days which a text message was sent, you never got it/received any notification of the text in imessage etc...and it exploited the 3 zero days in the background installing malicious software just waiting to be used later on. App store scanning doesn't mean much when it is typically zero day exploits that are a means to get your mac/iphone to perform some function to then exploit this vulnerability. But I guess the ultimate question here is...what exactly would be the case use of this flaw? Would like to see/hear some examples of how this could be used to perform some function/malicious thing. Like steal banking information/credentials or other sensitive things??In the meantime, Devs will need to rebuild apps and push them out for M3 platform and disable that switch after some testing. Problem is...is the M3 now turned into an M1 with the performance hit or now an i9 Intel equivalent? They didn't do any testing with that. And all the other mitigation things for M1/M2 and my iPhone 12 Pro max doesn't sound like fun or good for performance.
