Privacy

31609 readers

261 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

236

0-Day Remote iPhone Full Access Being Abused, Update Immediately (citizenlab.ca)

submitted 1 year ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

all 19 comments

sorted by: hot top controversial new old

[–] [email protected] 68 points 1 year ago (2 children)

Couldn't think of a better title, TL;DR via receiving an iMessage with a specially crafted image, an attacker can get full access to your device. Update iOS immediately to resolve the issue

[–] [email protected] 35 points 1 year ago (1 children)

PSA: Android just published a patch for a very similar vulnerability in their September Security release. You should update your Android devices ASAP.

[–] [email protected] 14 points 1 year ago (1 children)

Which CVE is that and where can i read a description of how this vulnerability is being used?

[–] [email protected] 6 points 1 year ago

CVE-2023-35674 No real details published yet but Google discussed it in their September security bulletin.

[+] DocBlaze -71 points 1 year ago* (last edited 1 year ago) (4 children)

[deleted]

[–] elbarto777 53 points 1 year ago* (last edited 1 year ago)

Get off that high horse.

[–] [email protected] 21 points 1 year ago (2 children)

How do you block MMS from unknown senders on iOS?

[–] Drunemeton 6 points 1 year ago

Settings > Messages > SMS/MMS > MMS Messaging (uncheck)

And/Or

Message Filtering > Filter Unknown Senders (checked)

Those seem to be the likely options, but I’ve zero idea if those will work.

[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (1 children)

at this point most iphone users are very much used to reicive images within imessage and have already forgotten that mms existed or are too young to actually ever had to deal with it, so to them it's just yet another picture.

[–] SatansMaggotyCumFart 5 points 1 year ago

I'd never get random dick pictures that way though.

[–] [email protected] 17 points 1 year ago

Damn…so this isn’t the fun kernel level access exploit.

This is the boring, my data could be compromised exploit.

[–] [email protected] 11 points 1 year ago

Fuck, the NSO group managed that shit again?!

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago)

Article missing, here is the archive link. https://web.archive.org/web/20230908134811/https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/

Edit: able to access now but I'll leave it here just in case.

[–] [email protected] 2 points 1 year ago

ios "the more secure choice" try not to have a 0-day exploit challenge