←back to thread

About the security content of iOS 15.8.5 and iPadOS 15.8.5

(support.apple.com)
328 points jerlam | 2 comments | 17 Sep 25 00:34 UTC | HN request time: 0s | source
Show context
alexchantavy ◴[17 Sep 25 02:02 UTC] No.45270697[source]
Bunch of negativity on Apple UI recently, but you gotta give Apple credit for supporting really old phones. Google Pixel, forget about it lol
replies(5): >>45270867 #>>45271018 #>>45271120 #>>45271329 #>>45274018 #
edgineer ◴[17 Sep 25 02:44 UTC] No.45271018[source]
My Pixel XL here works great for scrolling at night. I'm skeptical of the "no more system updates" boogeyman; I'd love some case studies or anecdotes about the real-world threats that using an old devices exposes me to.
replies(3): >>45271529 #>>45271980 #>>45273902 #
judge2020 ◴[17 Sep 25 04:03 UTC] No.45271529[source]
> I'd love some case studies or anecdotes about the real-world threats that using an old devices exposes me to.

The Apple patch in the OP is in regards to a zero-interaction exploit that compromised the device to install spyware etc.

> Impact: Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

replies(1): >>45271692 #
walthamstow ◴[17 Sep 25 04:31 UTC] No.45271692[source]
> specific targeted individuals.

Isnt this exactly the point? Most people who aren't the target of state intelligence agencies have little to worry about from using an older phone.

replies(1): >>45271827 #
1. jandrewrogers ◴[17 Sep 25 04:55 UTC] No.45271827{3}[source]
Those exploits trickle down to less sophisticated actors as they become known.
replies(1): >>45273768 #
2. Aachen ◴[17 Sep 25 09:48 UTC] No.45273768[source]
That's the idea, but I'm not seeing it

Maybe that's because of the boogeyman being feared and so people update enough to make such attacks not common enough to be worth it, so once we stop fearing it... but idk. So far it hasn't mattered to have devices with Bluetooth vulnerabilities at hacker conferences of all places