zlacker

[return to "A case against security nihilism"]
1. amluto+RG[view] [source] 2021-07-20 23:44:41
>>feross+(OP)
One possible technical improvement is high quality honeypots. If Apple tried hard, they could arrange for certain iPhones to have instrumentation intended to detect and characterize these sorts of attacks. If every targeted user has a 0.1% chance of leaking the exploit vector to Apple, then mass exploitation becomes much more complex and expensive.

Doing this well would be hard, but even an imperfect implementation would have some value.

◧◩
2. refulg+8H[view] [source] 2021-07-20 23:46:16
>>amluto+RG
It might be hard to convince the privacy engineers to allow us access to a random sample of message attachments. What if we asked for a temporary 'root' access credential, that is only valid for 3 minutes per day?
◧◩◪
3. amluto+Ro3[view] [source] 2021-07-21 19:38:09
>>refulg+8H
Get users to opt in, both to participate and to analyze any given payload?
[go to top]