Outstanding iOS exploit

Forums › Apple iOS and devices › Outstanding iOS exploit

1024kb

1197 posts

Uber Geek
+1 received by user: 519

ID Verified

Lifetime subscriber

#280228 3-Dec-2020 09:50

Built by Google security researcher I4n Beer, working from home during his enforced Covid-19 lockdown, a contactless remote exploit that allows full control of your iPhone. There isn't anything more dangerous to privacy.

Responsibly reported & resolved by Apple in May 2020, the full write-up is available here: https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html

This isn't the first remote jailbreak exploit. I believe it's the first completely contactless exploit requiring zero user interaction though.

So, what did you do during lockdown?

Everybody: Stayed home

I4n Beer: Stayed home & built this

Megabyte - so geek it megahertz

Benjip

977 posts

Ultimate Geek
+1 received by user: 524

ID Verified

#2615444 3-Dec-2020 10:23

I hope he got a nice fat bounty from Apple for this – looks like it would be $500,000 or $1 million USD depending how they'd classify it.

1024kb

1197 posts

Uber Geek
+1 received by user: 519

ID Verified

Lifetime subscriber

#2615513 3-Dec-2020 12:18

Apple don't pay him for his discoveries, being a Google security researcher.

He tweeted Tim Cook in August, asking him to allow Ian Beer into the Apple Bounty program & he would donate the bounties paid to Amnesty International.

**how to embed tweets?**

See he listed 30 vulnerabilities that he's responsibly disclosed to Apple since 2016 with a total value of $US2.5 million - unpaid, every one of them.

This one, the mother of all exploits, has a payout of $US500k. He's trolling Tim Cook right now.

Megabyte - so geek it megahertz