Absolutely. I don’t follow the scene, but early in the iPhone’s product life I distinctly remember a web-based jailbreak, where you loaded a page and then you could ‘slide to jailbreak’. I don’t know if user action was strictly required, or if it was a UX thing.
> Pegasus' iOS exploitation was identified in August 2016. Emirati human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering.
So the link was sent via text message, but you had to click on it. Receiving the text message did nothing in and of itself.
Do you regularly visit "hot-iphone-porn-apps.info" and other untrusted sites? Do you expect sites you do visit, like "google.com" or such, are going to serve up malware?
Do you expect hackers who build these very labor-intensive exploit chains will want to try and hit as many low-value targets as possible, leading to Apple patching the exploit quickly, or to try and hit high-value targets only so it's not noticed by Apple as quickly and can be used against more high-value targets to make more money in total than doing a "spray and pray" with it?
What thought process do you think would lead to using the exploit against as many people as possible vs selling it to zerodium.com or a similar company for more money than you can get from spraying, and then Zerodium reselling it to Israel to hack into the iPhones of a few key Palestinians?
> Do you expect sites you do visit, like "google.com" or such, are going to serve up malware?
With absolute certainty. Google ads has triggered downloads of Windows executables on NYtimes.com for me before and I am confident attackers will keep trying. The idea that advertisers get to run JavaScript on clients makes that problem effectively unwinnable even though they spend considerable amounts trying to make it hard to slip dodgy code into ads.
Because most people apply the software updates at some point, and this was fixed many years ago. Everything sold in the last years comes with a version of iOS that isn't vulnerable anymore.
> Everything sold in the last years comes with a version of iOS that isn't vulnerable anymore.
Famous last words.
(As far as I know, they don't release just security patches for iOS; iOS patches also introduce new features, thus increasing the probability of new bugs.)
My impression is that Apple fixes the majority of zero days _after_ they become public.
This site is very old by now and does not support recent firmware, but you can still use it.
JailbreakMe is the easiest way to free your device. Experience iOS as it could be, fully customizable, themeable, and with every tweak you could possibly imagine.
Safe and completely reversible (just restore in iTunes), jailbreaking gives you control over the device you own. It only takes a minute or two, and as always, it's completely free.
Please make an iTunes backup before jailbreaking.
> Has this happened before? That iPhones had a security hole that could be exploited over the web?
Yes, there were exploits in the past that could be exploited remotely, including some that were used for jailbreaking.