[professorTuring]

That's easy, apple does not know if your specific mobile has been compromised. Also, nobody stole anything from Apple... It was a vulnerability and they provided a patch (remember that software is provided "as is")

I can't see how any software provider (ie Microsoft, Linux, Google... ) will say "install this patch to fix this and you may or may not been hacked, good luck"... They just provide the patch.

[viraptor]

> I can't see how any software provider (ie Microsoft, Linux, Google... ) will say "install this patch to fix this and you may or may not been hacked, good luck"

This is part of the reason CVEs and security bulletins exist. We're being notified about potential issues all the time by many vendors.

[professorTuring]

Yeps, definitely, agree.

But CVEs are intended for specialists. "Users" don't know about CVE.

[gsich]

With most leaks (and just assuming this is true, and data has been collected) you get the info to change passwords.

[professorTuring]

This is not a leak from a company is a leak from your device. The only one that can know if something has leaked is you.

Consider a lock manufacturer that has a key copy of each client. If someone enters in the building and steals all the keys, clearly the manufacturer should inform all their clients. But, if a vulnerability has been found in a lock model, the manufacturer can tell you about the vulnerability, but definitely they can't tell you if your house has been robbed that way (or if it has been robbed at all).

Anyway, with this story alone and without knowing if you have visited these webpages that allegedly hacked your iPhone (why aren't they listed?) the only thing you can do is renewing passwords in your most critical accounts.

[gsich]

Yes. And they can still warn about it.

[oarsinsync]

They do. Every patch release contains release notes and security notes disclosing what vulnerabilities have been identified and patched. This is industry standard practice, because this is a regular occurrence on all software platforms.

It’s not big news when it happens all the time.

What is big news, that’s gotten lost in all the noise, is that Google (through it’s crawling of the web) has been able to identify that some websites were (are) indiscriminately jailbreaking iPhones for the purposes of stealing user data.

This is the kind of thing that is routine on Windows, is likely to be routine on Android (given how many unpatchable devices are in use) but wasn’t considered to be routine on iOS.

The takeaway from all this is simple: if you’re not fully patched, you’re at significant risk. It doesn’t matter which platform you use.

[professorTuring]

Thank you, I left him for impossible...