|
|
|
|
|
|
by andreyf
4423 days ago
|
|
|
> projects such as DROPOUTJEEP confirm that the iPhone isn't to be trusted That iPhones used to completely trust physically connected devices without any verification was obvious to anyone paying attention even before it was verified at Black Hat USA 2013 [1]. This was fixed in iOS 7. The evidence we have of DROPOUTJEEP says it is installed via "close access methods" [2]. I wouldn't be surprised if remote vulnerabilities exist that could be used to install it remotely, but I am aware of no public evidence that they are being exploited now. 1. http://www.zdnet.com/researchers-reveal-how-to-hack-an-iphon... 2. http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-... |
|
|