[Hilift]

Apple should formalize the iMessage de facto DeviceAndAccountTakeover() API call. I lost count how many zero-click it has. Tim Apple can take the privacy high road all day but it doesn't matter if the code is rotten.

https://citizenlab.ca/2025/06/first-forensic-confirmation-of...

https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zer...

https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage...

https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hac...