shows picture of an iPhone 4/4s
I mean probably the singular best model to date. When the retina screen dropped… wow. I miss Steve 🫶
Good phone aside from “you’re holding it wrong”
You know. That was a lot of nothing. My buddies BB did it. Worse. He dropped totally cupping his phone.
But how Steve handled it was amazing. I was happy with my new phone. And free bumper. And not a dropped call.
I think the scuffgate on the 5 was waaaaaayyy worse. Literally every phone they were cracking open had dings. Like bad ones. That kicked up a lot less dust than I felt it should
“If you have one”? What’s the point of that insert?
To stop all the assholes coming in and haughtily talk about how they have an Android phone.
If you have an Android phone, you’ll need to update it asap too because Google just released a security update for a zero-day vulnerability.
I thought people stopped debating religion online, it seems very 2013
Clearly you aren’t a programmer. I still have emacs users tell me how great it is that they have their garage door opener keybound to SUPER+CTRL+K+SPACE
We love to see sanity online folks.
I misread the title and thought it said “You Need to Update Your Phone [if you have one], Right now”, which I found quite strange, then started reading the post and was like “Hey, but I have an Android, do you assume everyone has an iPhone now?”… So here I am anyway.
You’ve been around long enough to know that won’t stop them. I recognize your user name from Reddit.
I had to try.
True enough. We can only do what we can.
So the hacker hacks your phone with his mind?
At a very high level: the attacker sends a picture which somehow is opened by Apple Wallet and leads to the execution of arbitrary code (this is the vulnerability, in how the wallet parses the picture, allowing for a buffer overflow), deactivation of certain security features and download/execution of the malicious payload.
sure apple wallet is requierd for it to work? red it like the image part can come remotely by picture 0click (by link preview archived) or via using the wallet app, not both in conjunction.
Citizen Lab says that the Blastpass is delivered to a victim’s phone via images that are attachments to PassKit, which is a suite of code that allows developers to access Apple Pay infrastructure for their apps. Those images are sent from a phony iMessage account, and when the iPhone processes that image, the hacker has free reign over the victim’s device.
It’s zero-click because when your iPhone receives the message with the image, it tries rendering the image, which contains the exploit. Once the attacker is in, they usually delete the message that got them access and all traces, so that you don’t know you’re even hacked. This could happen in the middle of the night when you’re sleeping.
Prior to this update, Lockdown Mode on their iPhones was the only way to protect yourself from this exploit.
What about iOS 17 Public Beta?
Anything published before today, while this was a zero-day, should be considered vulnerable.
Seeing as it’s not iOS 16, should be fine. But I’m sure they’d put a patch out for the beta if the risk was that high for it as well.
No idea. I wouldn’t trust it right now though.
I’ve put my phone in lockdown mode until a new beta comes out. Not much functionality lost
I forgot about Lockdown Mode! Good idea!
There’s no update for older iPhones or Macs yet.
Phew, I just started looking for my iPhone I don’t have. Brackets saved my sanity.
Thanks for proving exactly why I put them there in the first place. So people wouldn’t come in here gloating about how they didn’t have one.
The text in the brackets was added to prevent comments similar to this, but life finds a way
