zlacker

[parent] [thread] 4 comments
1. xenosp+(OP)[view] [source] 2019-07-02 18:09:52
iOS is probably looked at as well, but has to be done manually since there's no way to just do it with a simple app.
replies(1): >>z33k+y1
2. z33k+y1[view] [source] 2019-07-02 18:19:51
>>xenosp+(OP)
I'd wager that they have a enterprise certificate to sign the iOS app with. Then it's a matter of sending the spy victims to a URL, installing the app and granting access to photos/ location/ whatever.
replies(1): >>tomovo+l2
◧◩
3. tomovo+l2[view] [source] [discussion] 2019-07-02 18:24:44
>>z33k+y1
Nope.. the user would also have to open Settings and explicitly mark the vendor certificate as trusted.
replies(1): >>LocalH+da
◧◩◪
4. LocalH+da[view] [source] [discussion] 2019-07-02 19:13:26
>>tomovo+l2
It says the devices were unlocked then the device was connected. I would assume the device is in the custody of the Chinese authority at this point. Thus, they can just go into Settings and trust the cert.
replies(1): >>olliej+W23
◧◩◪◨
5. olliej+W23[view] [source] [discussion] 2019-07-03 22:19:24
>>LocalH+da
Changing trust settings on device requires the password.

Better question is: what are they able to pull off the device while it's unlocked?

[go to top]