[defaulty]

Why did this take so long? The alternate thread pointing at the citizenlab report [1] says that "In March 2021, we examined... and determined that they had been hacked"

It's September. The NYTimes says: "Apple’s security team has been working around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with spyware from NSO Group."

So has Apple been sitting on this since March, or has CitizenLab?

[1] https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage...

[defaultname]

As the story clearly indicates, they re-examined backups and recently made a very valuable discovery that everyone should be extremely thankful for. And Apple turned around a worldwide patch for a billion plus devices in less than a week after being notified.

I'd rather the flaw wasn't there in the first place, but a remarkable effort by both parties given that it was there.

[defaulty]

That's fair. I am appreciative. I was just shocked by the timeline but glad this was resolved

[detaro]

immediately after the bit you quote:

> Recent re-analysis of the backup yielded

Further down has the timeline of when Apple was informed and acted.

EDIT: and for completeness link to the mentioned other discussion, which makes this a dupe: https://news.ycombinator.com/item?id=28516095

[smoldesu]

Maybe the fearmongers are right, and we've truly reached a post-privacy world. Frankly, I don't know how else you'd describe it: your phone, smartwatch or computer can all be silently hacked without your knowledge (or any easy way to verify that you're infected). You can't visualize or control how your personal data is propagated, and the cherry on top is that it's all a laissez-faire exploit carnival. I don't know if it's fair to call Apple culpable here, but it is fair to say that your phone (and data) is at risk.