
Not exactly brand new tech, but now on a mobile device without the long-term security baggage that often comes from using Android.


I think NSO Group has pretty thoroughly demonstrated that iOS users aren't exonerated from security concerns.


Yes, state actors will be able to breach into your iOS device if you're deemed important enough.

Edit: Meanwhile your average Android device has multiple publicly known remote execution issues.


With the iPhone 17 line, the security situation has improved dramatically. I'm not a cybersecurity researcher, but Apple says even nation-state actors will struggle to breach a single device with the newly introduced Memory Integrity Enforcement mechanism. Their research appears legit:

https://security.apple.com/blog/memory-integrity-enforcement...


> Apple says even nation-state actors will struggle to breach a single device

Oh, I remember when they said this about BlastDoor too!


This is very clearly an entirely different class of effort than BlastDoor was/is. They decided that they needed a hardware solution to kill a category of exploits; Apple has a very good track record in this kind of thing.


Yup. Pretty similar to the modern threat profile of Android, all things considered.

> your average Android device has multiple publicly known remote execution issues.

Help me distinguish between "publicly known" RCE vulns and private ones. Do the privately owned exploits like FORCEDENTRY count as "publicly known", or only the GrayKey/Cellebrite exploits used by governments?


Apple’s primary motivation is to sell hardware. Their brand is hurt if their direct customers suffer damages through malware.

Google’s primary motivation is to sell ads. Their brand is not hurt if phone brand FlirpleFoo ships millions of Android devices and then hurts those customers by not keeping those devices secure.


> Pretty similar to the modern threat profile of Android, all things considered

I don’t think this is accurate. Not even every nation-state would be expected to have access to iPhone zero days, particularly with the new memory protection rolling out.


I don't think that's accurate, either. NSO Group sold their exploits to several other nation-states, seemingly without much (any...?) vetting concerning the ethics of their government.


> seemingly without much (any...?) vetting concerning the ethics of their government

I’m not trusting in ethics. I’m trusting in commerce.

MIE should drastically reduce both the production rate and lifetime of zero days. That, in turn, means a focus on maximising profit per vulnerability versus process line.



