by Ecstatify 1113 days ago
Why are top management at Kaspersky using iPhones? Presumably they knew iPhones were a “black box” and a security risk.
4 comments

I guess everyone at Kaspersky knew the risk of an attack was non-zero given their industry profile. Their SIEM finally caught it, albeit it is arguable if the detection was timely, and, as others in the thread have pointed out, their MDM should have detected the upgrade failures or version issues. We will probably hear about it in the detailed paper/presentation later.

Their rant on the closed nature of the iOS ecosystem is more around Apple's hold on the research tools. That is what I took from the statement, among other things.

What should they be using instead?
Eh, of course they did. It almost sounds like a honeypot, even. I think there is more to this than they're saying for now.
Why are they running iMessage? That’s the real vector here.
Actually, Apple should consider making iMessage open source.

Given it is such a popular attack vector, it probably benefits the iOS ecosystem to take the benefit of open source scrutiny. There are other messaging apps like Signal, WhatsApp, Telegram, etc. So it is not like a copycat would suddenly emerge and threaten Apple's position. Apple holds the keys to the app store anyway and can review any potential copycat (supposedly malicious one) and prevent it from being released.

I don't think you can disable iMessage.
You can and this is trivially verifiable.
Right, you can turn off getting any messages entirely and deregister your phone from their network. I believe what I was remembering was you can't swap out the primary SMS receiving app like you can on Android. Unless something changed. Not everyone likes to live in a security bubble w/o phone access, even the security minded.
There is a switch in the Settings app to disable iMessage and just use SMS. This is an option for the built-in messaging app, no need to “swap” or install another app.
So basically still using iMessage software just for SMS? I guess this could provide some better sense of security given the parsers are the main issue.
You can disable iMessage and still get plain SMS and MMS. The app is called Messages, and Apple's version of RCS is called iMessage.

But you are correct that you cannot switch to a different SMS/MMS app.

I have it disabled. One of the first things I do on a new install.