Hacker News new | past | comments | ask | show | jobs | submit login

YES! Current lockdown mode proposition of all-or-nothing is inconvenient.



You can leave lockdown off, and disable iMessage.


I don't want to disable iMessage, just attachments from unknown contacts.


Another idea for Apple would simply be quarantining attachments from unknown contacts. E.g. display that an attachment exists but don't download it to the device until a user accepts a "attachment from unknown sender" warning box


AFAIK all iMessage attachments (since iOS 14) are quarantined via BlastDoor, any such full system takeover must include at least two escapes: one from BlastDoor, and another from the application sandbox. They also need to cope with ASLR. It's pretty heavy duty even in the most basic default configuration.

https://googleprojectzero.blogspot.com/2021/01/a-look-at-ime...

Upon re-reading this, it seems like crashes in BlastDoor are reported to Apple in real-time. I think this qualifies as "clientside scanning", tbh.


Why increase your security bug surface 2x when you can increase it exponentially!


I assume that inconvenience is intentional -- otherwise everyone would enable it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: