About the security content of iOS 15.8.5 and iPadOS 15.8.5

(support.apple.com)

328 points jerlam | 1 comments | 17 Sep 25 00:34 UTC | HN request time: 0.423s | source

Show context

joecool1029 ◴[17 Sep 25 03:07 UTC] No.45271165[source]▶

Might as well say it since nobody else commented about it, but modem/soc vendors are huge limiting factor on longterm android support. Qualcomm maintains these updates for only a few years, basically nothing earlier than around 2020-2021 gets kernel driver or modem updates.

Of course it's still up to phone manufacturer to integrate these changes, but it puts an effective security support timeline on even 3rd party ROM's like lineageos. They can cherrypick, but it's not as secure once that support ends.

Apple has almost everything in-house (except until recently, modems). So they have a ton of flexibility in continuing to provide updates.

replies(7): >>45271246 #>>45271373 #>>45271509 #>>45271512 #>>45271695 #>>45271719 #>>45271849 #

treesknees ◴[17 Sep 25 03:37 UTC] No.45271373[source]▶

>>45271165 #

My problem with this argument is many of these types of CVEs have nothing to do with baseband firmware or drivers or anything else controlled by Broadcom. Google could still patch security issues in the parts of the system most exposed to attackers, namely the libraries and apps in the OS itself.

I’d be more afraid of a zero day image parsing bug in messages, where I could be exploited with a drive-by spam text or hyperlinked image, than some theoretical baseband attack by someone in a privileged cell network system.

replies(3): >>45273167 #>>45273616 #>>45273932 #

1. saagarjha ◴[17 Sep 25 09:25 UTC] No.45273616[source]▶

>>45271373 #

They do; many of the system apps and libraries are updated via the Google Play Store.

↑