If we have learned anything in the past 20 years, it is that security through obscurity does NOT work. Apple refuses to believe that. iPhone Triangulation attack abused undocumented hardware feature
Operation Triangulation is the name given to a spyware attack discovered in June by Kaspersky Labs.
The discovery and use of obscure hardware features likely reserved for debugging and factory testing to launch spyware attacks against iPhone users suggest that a sophisticated threat actor conducted the campaign.
Moreover, it constitutes an excellent example of why reliance on security through obscurity and the secrecy of hardware design or hardware testing implementation is a false premise.
The exploit is a zero-click attack that starts with sending a maliciously crafted iMessage to the target phone. That iMessage doesn't need to be opened and it leaves no trace.
It is fairly technical, but it relied on using undocumented hardware features to bypass Apple's hardware protection system. Leaving the unknown features in place was either a mistake or done to facilitate testing.
Apple in its continuing reliance on obscurity, didn't say much, they just issued an emergency patch in June.
No comments:
Post a Comment
Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.
Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.