Chris <
ithi...@gmail.com> asked
Jesus Christ Chris,
You are so ignorant you _missed_ the openeing sentences for God's sake!
"The root causes I highlight here are not novel and are often overlooked.
*We'll see cases of iOS code which seems to have never worked*,
*iOS code that likely skipped QA or likely had little testing*
*or no code review before the iOS release was shipped to users*."
This was for _many_ iOS releases, Chris... that Apple didn't test even once.
The fact Apple doesn't sufficiently test iOS releases is clear, Chris.
All iPhones are compromised the instant Apple installs an iOS release.
The proof is _overwhelming_ Apple doesn't even _test_ much of iOS code!
You're dense. You're shockingly dense. I've never met people like you are.
You're like Trumpists. You can't see what everyone else _easily_ sees.
The proof is not only from Project Zero - it's everywhere.
*Even Apple didn't refute the fact they never tested their iOS code.*
What's shocking is that an intelligent _adult_ conversation is impossible
with all you apologists... I don't even know how you function in society.
*None of you apologists own even the most basic of adult cognitive skills*.
Here's just a few verbatim quotes from the very article you supposedly read:
"The more important takeaway, however, is what the vulnerability was.
In 2014, Apple added an unfinished implementation of a new feature named
"vouchers" and part of this new code was a new syscall (technically, a
task port MIG method) which, from what I can tell, never worked. To be
clear, if there had been a test which called the syscall with the
expected arguments, it would have caused a kernel panic. If any Apple
developer had attempted to use this feature during those four years,
their phone would have immediately crashed."
Besides the fact Google clearly said the code couldn't possibly ever have
been tested many times, there were plenty of indicators iOS is never tested.
These are all complete, verbatim quotes from what you supposedly read,
Chris. (Again, it's shocking how fantastically _stupid_ you appear to be).
"It's difficult to understand how this error could be introduced into a
core IPC library that shipped to end users. While errors are common in
software development, a serious one like this should have quickly been
found by a unit test, code review or even fuzzing. It's especially
unfortunate as this location would naturally be one of the first ones
an attacker would look, as I detail below."
Here's another:
"It's the kernel bug used here which is, unfortunately, easy to find and
exploit (if you don't believe me, feel free to seek a second opinion!).
An IOKit device driver with an external method which in the very first
statement performs an unbounded memmove with a length argument directly
controlled by the attacker"
The amazing thing is I've never met people as ignorant as you apologists,
who, given a spoon fed easy article to read, you can't see _any_ facts in
that article if those facts tell the truth about Apple products.
--
You're like Trumpists - all of you apologists own imaginary belief systems.