In security, the time between exploited attacks and fixes-as well as people applying those patches, is key. Citizen Lab timed the iOS 16.6.1 fix with a blog detailing what had happened and how the attack exploiting the vulnerabilities was performed. What if it went wrong again? Not only would Apple look bad, but the attack was already out there. Of course, Apple itself tends to stay quiet about the ifs and whys, but my guess is that the fix in iOS 16.6.1 was far too important to risk. It was a high-profile error, which led to the iPhone maker being red-faced-but my understanding is that Apple never wanted that sort of bad optics to happen again. That’s in theory, anyway.Ī couple of months ago, Apple issued a Rapid Security Response update that had to be retracted because the fix broke something else. This new feature in iOS 16 sees Apple push security-only upgrades to your phone in an easy-to-download and install size to ensure you are always protected. Some of you might wonder why iOS 16.6.1 wasn’t released as a Rapid Security Response Update. “The exploit can be used by an attacker w/out the victim taking an action,” she added.“Here, the attacker can send the attack via iMessage & compromise device to spy/harm.” Why Wasn’t iOS 16.6.1 Released As A Rapid Security Response? “These exploits are usually used against folks with high threat models-people in the public eye, folks working in government, individuals being targeted or harassed by nation state actors, journalists,” security expert Rachel Tobac wrote in a tweet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |