“Google has released a powerful tool that can help security researchers hack and find bugs in iOS 11.1.2,” Lorenzo Franceschi-Bicchierai reports for Motherboard. “The exploit is the work of Ian Beer, one of the most prolific iOS bug hunters, and a member of Google Project Zero, which works to find bugs in all types of software, including that not made by Google. Beer released the tool Monday, which he says should work for ‘all devices.’ The proof of concept works only for those devices he tested—iPhone 7, 6s and iPod touch 6G — ‘but adding more support should be easy,’ he wrote.”
“Last week, Beer caused a stir among the community of hackers who hack on the iPhone — also traditionally known as jailbreakers — by announcing that he was about to publish an exploit for iOS 11.1.2,” Franceschi-Bicchierai reports. “Researchers reacted with excitement as they realized the tool would make jailbreaking and security research much easier.”
“The iPhone is one of the hardest consumer devices to hack, and researchers who can do that and are able to find bugs in it rarely report the bugs or publish the tools they use because they are so valuable. But Google Project Zero researchers don’t need the money, and their mission is precisely to make all software, especially that owned by other companies, safer,” Franceschi-Bicchierai reports. “The final goal, Google said, is to help security researchers find even more bugs and hopefully report them to Apple so that they get fixed. Apple did not immediately respond to a request for comment, but the exploit has been patched.”
Read more in the full article here.
MacDailyNews Take: So, most users should make sure they’ve updated their iOS devices to iOS 11.2.
Google’s Project Zero does not aim to make all software safer. Their only motive is to create bad publicity and embarrassment for the competition. There is just no other reason to commit resources to the project.
Then it must be working. You also have to ask the simple question,”If iOS devices are so inherently at risk what is Apple’s responsiblity to remove the threat?” Consider the the Great Wake Up Call to Tim Cook to stop prancing about and lecturing society, and to get serious about designing excellent products.
you would be a so much more suitable CEO, your knowledge, insights and vision prove you are a great leader in waiting.
With so many security flaws in Android, I’m surprised they have time to look at anyone else’s OS.
Because Google only cares about the numbers of searches and the search fees they get, sarcastically speaking of course.
True, but it’s still a useful tool.
How many flaws in iOS would you consider acceptable?
How many flaws in Android is acceptable? Especially Android’s biggest flaw in security; no find my phone. The thing that help catch the Boston boomers. The thing that most phone thiefs hate; Most phones are stolen to call South America, having them tracked and disabled is built in to a iPhone. Android it is a carrier responsibility.
I see that the number of flaws you find acceptable is simply: Android flaws – 1.
What’s hilarious:
That Google is so famously good at finding the bugs in OTHER people’s software while it’s nearly WORTHLESS at finding malware within their own Google Play Store or solving the FragmAndroid security HELL problems. Google talks a lot, then solves almost nothing.
Your word of the day is:
Disingenuous
Android remains the single most dangerous OS available. 🙄
If it pans out as described, then it could be a net benefit to IOS users because if Apple is made aware of any flaws, it can rectify them and make IOS more secure in the future.
On the other hand, if this tool allows people to create malware taking advantage of exploits which Apple is not made aware of, then obviously it’s a bad thing ( and I believe that Google might be somewhat pleased it that were to happen ).
As for the jailbreakers – the reasons for jailbreaking have become almost non-existent for even quite technically orientated users and it seems to me that IOS jail braking has become more of an intellectual exercise rather than a practical means to an end.
I suspect that this is something which Google have released and are able to claim that it’s a good and honourable thing, but are secretly hoping that it might enable researchers to weaken the security of IOS, or at least create unfavourable publicity about IOS.
It’s awesome to go to see this web page and reading the views
of all friends on the topic of this paragraph, while I am also zealous of getting know-how.