Zerodium, a specialist in cyber-spying for governments and institutions, believes that there are now so many security holes on the iPhone that it is no longer necessary to constantly buy new holes from researchers. Its head concludes that iOS security is “screwed”.
Chaouki Bekrar, head of Zerodium, a firm that sells cyber-spy solutions to governments and police forces, attacked the security of the iPhone operating system in one of his tweets.
He explains on Twitter: “iOS security is gone. Only PAC [Pointer Authentication Codes] and non-persistence features hold and prevent it from going to zero… there are a lot of exploits that manage to bypass the PAC, however, and there are a few exploits around persistence (0-days) that work on all iPhones/iPads. Hopefully iOS 14 will do better”.
As part of its business, Zerodium normally buys 0-day vulnerabilities from researchers for amounts ranging from $100,000 to $2 million, depending on the severity of the vulnerability.
0-day vulnerabilities are those that have not yet been officially discovered and for which there is no fix.
At the same time as Chaouki Bekrar’s tweet, Zerodium also made an announcement: “We won’t be buying any more iOS LPE, Safari RCE or sandbox escape vulnerabilities for the next two or three months”.
Zerodium said the decision was made “because of the large number of submissions related to these vectors”. As a result, “prices [for non-persistent exploits] are likely to fall in the near future”.
The explosion in the number of flaws is a fairly new – and worrying – fact for iOS. The operating system, which is much more closed than Android, is normally considered more secure than the latter.
Nevertheless, Apple keeps an advantage: if a flaw is officially discovered, the firm can very easily and quickly update its entire device fleet.
iOS Security is fucked. Only PAC and non-persistence are holding it from going to zero…but we're seeing many exploits bypassing PAC, and there are a few persistence exploits (0days) working with all iPhones/iPads. Let's hope iOS 14 will be better. https://t.co/39Kd3OQwy1
— Chaouki Bekrar (@cBekrar) May 13, 2020