Might be a slightly self-indulgent thread, but how exactly does Apple suppose that security researchers will do this without running across anti-research minefields that Apple has intentionally laid down to block exactly this kind of research?

8:57 PM · Aug 13, 2021

Are they going to do static analysis of the binary? Ok. But iOS binaries are intentionally stripped of non-essential symbols precisely to make this kind of analysis harder.
How about dynamic analysis? Unless Apple is planning on giving the iCloud app the get-task-allow permission so you can attach a debugger, that would be out of the question on a vanilla iPhone. You'd need to resort to jailbreaks, or, heaven forbid, a Corellium device.
Analysis of the binary itself is not even sufficient if Apple itself is in your threat model; the kernel sits underneath it, and is enormous and, you guessed it, also symbol stripped to frustrate reverse-engineering.
That's even before we get into the various encrypted firmwares where you can't even see the binary, or the apps on the device that are partially or fully encrypted.
Perhaps one way would be to write your own app to find unusual ways to compute the master hash and validate that it is valid, without relying on static graphical elements that hackers or Apple could surgically manipulate. But you think that app would get past AppStore review?
And notice the implicit assumption here in the first place. Security researchers *will* do the review, fighting over all of the obstacles intended to make actually doing the review simple. For free. Why? Why is this considered acceptable?
Does Apple ask other auditors for free labor after setting them up to fail? "Hi accountants, our calculation on this napkin is correct and the warehouse of receipts is subject to inspection by accountants who wish to verify it"? Of course not. Only this industry gets screwed.
Apparently someone at Apple realized just how much of a Pandora's box client-side scanning is and so dropped their suit against Corellium so it would be easier to look. Wouldn't surprise me if that wasn't nearly enough.
Replying to @pwnallthethings
This sounds like an important observation I fail to understand.