An Interest In:
Web News this Week
- April 27, 2024
- April 26, 2024
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
May 17, 2020 03:34 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/lNLAXI87y6w/complaining-of-surplus-of-ios-exploits-zerodium-stops-buying-them
Complaining of 'Surplus' of iOS Exploits, Zerodium Stops Buying Them
wiredmikey writes: An abundance of iOS exploits being submitted to be sold should alarm iPhone/iPad users, according to the CEO of exploit acquisition firm Zerodium. The company announced that it was no longer buying certain types of iOS exploits in the next two to three months [including local privilege escalation, Safari remote code execution, and sandbox escape exploits] due to a surplus. And the company expects prices to drop in the near future. "iOS Security is fucked," Chaouki Bekrar, CEO of Zerodium said on Twitter, noting that they are already seeing many exploits designed to bypass pointer authentication codes and a few zero-day exploits that can help an attacker achieve persistence on all iPhones and iPads. "Let's hope iOS 14 will be better," he added. Bekrar said that only pointer authentication codes — which provide protection against unexpected changes to pointers in memory — and the difficulty to achieve persistence "are holding [iOS security] from going to zero."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/lNLAXI87y6w/complaining-of-surplus-of-ios-exploits-zerodium-stops-buying-them
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot