|
|
|
|
|
|
by olliej
986 days ago
|
|
|
The attack was apparently via PassKit - a separate process entirely, because messages is explicitly hardened (the whole "blastdoor" (tm) thing is to deal with that). I'm not sure what the actual passkit APIs look like but in principle any app that would take an attacker provided image and send that to whatever process handles those passkit things would get the second order part of the attack. But of course some attacker trying to, for example, extract the messages from Signal or suchlike could start from code execution in the signal process. |
|
|