zlacker

[parent] [thread] 3 comments
1. z33k+(OP)[view] [source] 2019-07-02 18:19:51
I'd wager that they have a enterprise certificate to sign the iOS app with. Then it's a matter of sending the spy victims to a URL, installing the app and granting access to photos/ location/ whatever.
replies(1): >>tomovo+N
2. tomovo+N[view] [source] 2019-07-02 18:24:44
>>z33k+(OP)
Nope.. the user would also have to open Settings and explicitly mark the vendor certificate as trusted.
replies(1): >>LocalH+F8
◧◩
3. LocalH+F8[view] [source] [discussion] 2019-07-02 19:13:26
>>tomovo+N
It says the devices were unlocked then the device was connected. I would assume the device is in the custody of the Chinese authority at this point. Thus, they can just go into Settings and trust the cert.
replies(1): >>olliej+o13
◧◩◪
4. olliej+o13[view] [source] [discussion] 2019-07-03 22:19:24
>>LocalH+F8
Changing trust settings on device requires the password.

Better question is: what are they able to pull off the device while it's unlocked?

[go to top]