- The update now clears the shutdown log each boot.
> This led to the conclusion that a cleared shutdown.log could serve as a good heuristic for identifying suspicious devices.
> With iOS 26 Apple introduced a change—either an intentional design decision or an unforeseen bug—that causes the shutdown.log to be overwritten on every device reboot instead of appended with a new entry every time, preserving each as its own snapshot. This means that any user who updates to iOS 26 and subsequently restarts their device will inadvertently erase all evidence of older Pegasus and Predator detections that might have been present in their shutdown.log.
sevg [3 hidden]5 mins ago
The article doesn’t define “IOC”, so if (like me) you didn’t know the abbreviation: Indicators Of Compromise.
(They actually do use the expanded form in the article, just without some parentheses afterwards on the first usage of the phrase.)
Maybe everyone but me knows the abbreviation, but in case it helps _someone_ out there!
Polizeiposaune [3 hidden]5 mins ago
The US military also uses IOC = "Initial Operational Capability" (as distinguished from FOC: Full Operational Capability):
Thank you. The only IOC I know of is the International Olympic Committee.
bnastic [3 hidden]5 mins ago
Or if you work in trading, IOC made it a very confusing title
CaptainOfCoit [3 hidden]5 mins ago
I'm a programmer, designer and architect, so my mind immediately went to "Inversion of Control"
misnome [3 hidden]5 mins ago
Or Input/Output Controller (scientific facility control layer tech)
KernalSanders [3 hidden]5 mins ago
Thank you for this!
Abbreviations and acronyms are highly inefficient if not defined clearly and up front. It also creates a division between those who know and those who don't.
I absolutely detested seeing "ISO" suddenly everywhere on Facebook and Nextdoor in place of "in search of". If you didn't know that before, you know it now, but you may also be annoyed by it not being about the international organization for standardization, which also goes by ISO, but not for any reason people would magically guess, without a background in Greek. (ISO explains that, since the acronym would differ in every language, ISO is actually derived from isos, which means "equal". Happy coincidence that it almost matches the name of the organization, but could also become obscure with time and lost history.)
For our company, I've been very clear that we don't make up acronyms unless a layperson could reasonably guess what it stands for, and also not confuse it for something else.
alexjplant [3 hidden]5 mins ago
The web already had terminology for this in online enthusiast forums: WTB (Want to Buy), FS (For Sale), FT (For Trade), etc. The slow death of the open web in favor of platforms has evidently caused a lot of rework like this. Other notable examples include backwards emoticons (: and DM instead of PM.
CaptainOfCoit [3 hidden]5 mins ago
> It also creates a division between those who know and those who don't.
Yeah, it's called "expertise" and it isn't as bad as you seem to think. Blogs for security professionals will use jargon and technical words aimed at other security professionals, and that's OK, not everything on the web is for everyone.
Just like how in my game development blog I don't explain what a "loop" is because I'm assuming the audience knows basic programming already, otherwise every article would balloon out of scope easily.
eviks [3 hidden]5 mins ago
Good that you added quotation marks, because otherwise it is as bad as he thinks - the typical bad technical communication, wasting the whole first page saying ~nothing with some AI slop image to boot, but not thinking about adding 5 symbols, yes, of course, out of the imaginary fear that the article would "balloon out of scope".
riehwvfbk [3 hidden]5 mins ago
TLAs are not basic knowledge, or expert knowledge. They are expertise theater.
akerl_ [3 hidden]5 mins ago
A quick skim of https://iverify.io/blog makes it seem pretty clear that iVerify’s audience is people who are interested in security, not just existing industry experts.
CaptainOfCoit [3 hidden]5 mins ago
But then skim the submission article and try to evaluate which audience it seems written for.
Considering they have stuff like "Located within the Sysdiagnoses in the Unified Logs section (specifically, Sysdiagnose Folder -> system_logs.logarchive -> Extra -> shutdown.log)" in the article, my guess is that they're aiming for people who at least have a basic understanding of security, not general users, as those wouldn't understand an iota of that.
eviks [3 hidden]5 mins ago
Considering there is actually not an iota of technically security challenging stuff (specifically, any computer user can understand your quote that there is a log file located at some path, there is 0 security understanding required there), using your own logic we can deduce the general audience was the target
CaptainOfCoit [3 hidden]5 mins ago
The typical/general computer user wouldn't even understand the ">" character, I think you either don't grasp the wide range of people who sit in front of computers daily, or you over-estimate their ability of grasping computer concepts, because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.
eviks [3 hidden]5 mins ago
That's fine, you don't need to understand the > character, it clearly says there is some log file located at some folder.
> because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.
Yeah, do try that, just not your cut version focusing on the irrelevance of a specific path and the meaning of >, but the whole paragraph. Do see how many people fail to understand that there was some file at some folder. You could even ask extra SAT questions "what do you think a "shutdown log" is, does it record activities during device shutdown?")
akerl_ [3 hidden]5 mins ago
This argument seems neatly circular.
Any example where somebody says an article doesn’t do a great job defining its terms just becomes proof that the authors only wanted readers who already understand the terms.
pcthrowaway [3 hidden]5 mins ago
I think it's fine for the magazine, but I would have liked to see it expanded in the HN submission title, since many of us are not cybersecurity specialists.
CaptainOfCoit [3 hidden]5 mins ago
Some stuff is written for some people, other stuff is written for other people. This shouldn't be hard to understand, nor particularly novel either.
integralid [3 hidden]5 mins ago
I assume this blog post is targeted for the security community, where IoC is universally understood. Of course it is confusing on HN, but authors are free to assume their audience - like we don't define what HTTP, MVC and "btw" mean every time we use it. Or, for a better example, HN and YC are used here all the time, but would be confusing for outsiders (and should be defined outside of HN context).
DonHopkins [3 hidden]5 mins ago
Thank you! I had no idea what IOC stands for in that context either, and appreciate the definition.
In other HN discussions there have regularly been divisive gatekeeping trolls who, in response to people asking what acronyms stand for and suggesting articles like this define them after their first use, are inexplicably and vehemently opposed to defining acronyms, and who argue incessantly that acronyms should not be defined because everyone should already know what they are, and criticize people who don't already know, because they are meant to be excluded from the discussion. What possible motivations could they have?
I just don't understand that mindset, but I suspect there's a big overlap between them and the trolls who regularly throw tantrums about accessibility, usability, diversity, equity, and inclusion, and see empathy as a weakness, since it's a similar exclusionary mindset.
The anti-accessibility trolls are incredibly foolish and short sighted (pun intended) to not realize that unless you are "lucky" enough to die at an early age, EVERYONE is going to need and benefit from accessibility and inclusive interface design.
Edit: Oh I see one of them has dropped in and taken their precious time to argue back and forth in several posts, with orders of magnitude more words and off-topic noise than it would have taken to simply define the acronym in the first place and move on, thereby undermining their own circular arguments. What a sowapphtdo (strange obsession with a particularly pointless hill to die on)!
I like riehwvfbk's suggestion: "expertise theatre". (But what does riehwvfbk stand for? ;)
If we didn't already know this, Apple's previous positioning as the privacy company was just branding with zero actual conviction behind it. Now, just as ICE contracts with Paragon for zero-click spyware that bypasses encrypted apps, Apple erases the key forensic artifact for detecting state-sponsored mobile surveillance. Along with Cook's cash-and-gold-for-tariff-exemptions scheme, they're racing to the bottom with the rest of big tech.
vlovich123 [3 hidden]5 mins ago
> Apple's previous positioning as the privacy company was just branding with zero actual conviction behind it
As someone who actually worked there a decade ago, that doesn’t reflect the attitudes and positions of people I worked with then. And many people generally tend to stay working at Apple for long periods of time.
I can’t speak if that’s changed or other things happening, but this could easily be just a late-introduced bug as it wasn’t present in earlier betas as someone noticed - my expectation would be such a change would be present quite early. I would be very very surprised something this insignificant was a late introduced change at the request of the government - Apple historically just doesn’t act that way (see the San Bernardino row over unlocking the iPhone for the FBI).
benzible [3 hidden]5 mins ago
I'm sure the people you worked with still care about privacy, but these decisions get made at the top regardless of what rank-and-file employees think. Apple employees donated nearly 20:1 for Harris over Trump, so we can safely assume they weren't supportive of Tim Cook presenting him with gaudy personal gifts or allowing Stephen Miller to curate the App Store. I suspect Cook personally loathes Trump, in contrast to other CEOs like Zuck, and now Benioff, who are clearly all in. He may even sincerely care about privacy himself, however he's shown zero backbone.
vlovich123 [3 hidden]5 mins ago
I have literally 0 times in my career observed a change like this come from the top. Maybe it happens but somehow I doubt it. A non trivial part of the market cap of Apple is built around trust, privacy, and security. You may think whatever you want of the quality of the people at any level, but I’d imagine they’re all aligned on protecting the brand be their financial future. They aren’t driven by short term bets and thinking.
int0x29 [3 hidden]5 mins ago
Apple's response to XCodeGhost was to draft a breach notification to everyone impacted and then not send it as it would impact their brand.
vlovich123 [3 hidden]5 mins ago
Public comms is decidedly a leadership decision at all times - you don’t have ICs or even managers spouting off in the press or releasing press releases. They may have mishandled it but that’s their purview and yes it can impact their brand although I’m not sure I’m seeing the long term negative ramifications from that and they made technical changes to mitigate such issues going forward. That is all very different from management making an IC develop a single specific more obscure technical change like this.
techsystems [3 hidden]5 mins ago
Any article you recommend on this?
benzible [3 hidden]5 mins ago
I'm sure that's true, but your personal experience as [presumably] rank-and-file wouldn't have given you visibility into C-suite machinations. The ruling in the App Store case this year documented that Cook personally overruled Schiller's compliance recommendations, made the decision to violate the judge's court order on fees, and then tried to hide those meetings from the court - resulting in contempt findings and a criminal referral. Those are top-down decisions, on the record, with executives lying about it, which wouldn't have been known outside the inner sanctum but for this case. Not at all consistent with "trust", in a matter that directly harms consumers.
Regarding the basis of Apple's market cap, I would suggest that profitability ranks a bit higher than privacy. Apple's potential tariff burden was $44 billion annually, reduced to $7 billion after Cook plied the mad king with flattery, gold and cash. Apple had lost $300 billion in market value before Trump exempted smartphones, then immediately regained its $3 trillion market cap.
Privacy is nice brand positioning, but the truth behind it was always that Apple wasn't beholden to "surveillance capitalism" like the other tech behemoths as hardware was their primary profit center. This allowed them to take the high ground on this one, while coincidentally kneecapping Meta and others with App Tracking Transparency - which cost Meta an estimated $10 billion in 2022 alone and hit Google as well. But ATT only blocks third-party tracking across apps and websites - it doesn't apply to Apple's own growing advertising business, which uses first-party data from the App Store, Apple News, etc. Apple claims they don't "track users across apps and websites owned by other companies" - but they absolutely track within their own walled garden for their expanding ad business.
And the iOS 26 removal of Pegasus/Predator detection artifacts right as ICE activates Paragon spyware contracts? Maybe a coincidental bug, maybe what happens when keeping Trump happy is worth tens of billions.
vlovich123 [3 hidden]5 mins ago
Again you’re talking about decisions that C suite will decidedly care about and be their purview to make. First the App Store stuff wasn’t a privacy or security thing - this is Apple deciding how to navigate the EU regulatory environment. A CEO exists precisely to make these kinds of decisions.
I’ll point you to Apple developing the privacy-preserving CSAM scanning feature which got approved at lower levels and then got pulled back when it actually started hurting their brand. They respond to this stuff and I don’t think perfection is a reasonable bar.
> And the iOS 26 removal of Pegasus/Predator detection artifacts right as ICE activates Paragon spyware contracts? Maybe a coincidental bug, maybe what happens when keeping Trump happy is worth tens of billions.
And if iOS 26.1 or 27 restores previous behavior or does that change the narrative you’ve built in your head and you’ll just say “of course - they just got caught”? If you can’t falsify your narrative there’s no point having a constructive argument - I can’t factually argue you out of a position you didn’t argue yourself factually into.
JumpCrisscross [3 hidden]5 mins ago
> your personal experience as [presumably] rank-and-file wouldn't have given you visibility into C-suite machinations
But yours does?
I know some fairly high-up folks in Cupertino. They care about privacy more than the median American, possibly the median techie. They overshot in San Bernardino precisely because they were internally calibrated off the political mark.
Aurornis [3 hidden]5 mins ago
> Apple employees donated nearly 20:1 for Harris over Trump, so we can safely assume they weren't supportive of Tim Cook presenting him with gaudy personal gifts
Every company works with whoever gets elected. This isn’t new. It isn’t indicative of political support. It’s just how business is done.
bigyabai [3 hidden]5 mins ago
That makes it that much easier to stop supporting them, in my eyes. Tim has the option to draw the line in the sand, but he's reliant on protectionist US control more than ever now.
benzible [3 hidden]5 mins ago
This isn't 'business as usual' on multiple levels.
First, I never claimed Cook "supports" Trump - as I said, I suspect he personally loathes him. The point is that corporations are making unprecedented concessions to avoid Trump's wrath.
Second, companies push back on government constantly when it serves their interests. Apple previously fought the FBI over privacy, but more typically companies push back or evade the law for financial benefit, not principles. When penalties are low enough they accept them as the cost of doing business, e.g. Meta's consistent, willful FTC consent decree violations.
Third, openly bribing a sitting president with a 24-karat gold gift is not normal corporate behavior. The Trump administration has used state power to control private enterprise in a completely unprecedented way: tariff threats as extortion, DOJ investigations targeting companies over DEI programs, prosecution of high-profile figures who resist - mostly political enemies so far but Zuckerberg faced threats of "life in prison" before he showed sufficient fealty.
I'm waiting for the whataboutism replies here, and executive overreach was a thing in the past, but Trump has fundamentally changed the character of the US system of government. The enabling environment is unprecedented: a Congress with zero interest in oversight and a Supreme Court granting immunity for official acts. When you combine unlimited executive power with no checks, corporate capitulation isn't "just business" - it's rational fear of an authoritarian using every lever of government to punish dissent.
neilv [3 hidden]5 mins ago
Can we assume that Apple will continue to fail to secure the iPhone against these spyware companies?
Gigachad [3 hidden]5 mins ago
Memory integrity enforcement added to the iPhone 17 range is probably going to be huge for preventing future exploits. At risk people should probably also enable lockdown mode.
bigyabai [3 hidden]5 mins ago
Blastdoor was also supposed to be "huge" for preventing future exploits. Worked great up until NSO Group developed FORCEDENTRY.
hulitu [3 hidden]5 mins ago
> Can we assume that Apple will continue to fail to secure the iPhone against these spyware companies?
Fail is an overstatement. Apple is part of PRISM and the functionality is working as intended. When a hole becomes public, it is quickly patched.
JumpCrisscross [3 hidden]5 mins ago
> Apple is part of PRISM
PRISM was semi voluntary. And the legal immunities it operated under expired in 2017.
udev4096 [3 hidden]5 mins ago
This. Apple, along with every "evil big tech", is in bed with NSA which was proven with PRISM
Hilift [3 hidden]5 mins ago
"fail to secure"?
Do you really think that with all of the years of iPhone device and account takeovers, from a text message requiring no reading or interaction, Apple with their maximum controlled walled garden aren't facilitating? Apple spent billions moving factories because the US government told them to. They are the keymaker.
Apple could do a lot of things, such as preventing the black market for stolen phones from existing. A single city, London, had 80,000 phones stolen in 2024.
"...Onwurah argued that "robust technical measures" such as blocking stolen phones taken overseas from accessing cloud services could make devices "far less valuable".
"She also pointed to comments by Mobile UK, the trade association of the UK's mobile network operators, who said blocking IMEI in other countries was a "necessary step to dismantle the business model of organised crime".
"However, she said when giving evidence, Apple, Google and Samsung had avoided saying why they would not implement the technology." <--**
>Apple could do a lot of things, such as preventing the black market for stolen phones from existing. A single city, London, had 80,000 phones stolen in 2024.
Doesn't iCloud lock basically already make a stolen iPhone unusable? What more do you want?
dylan604 [3 hidden]5 mins ago
To be able to lock a phone without having access to the iCloud account. If I have devices on my account that were provided to someone to use with their own iCloud account but they refuse to turn them over to me, there is no way I can shut that account down. I can report the IMEI as stolen, but they are free to continue using it as a wifi only device. If they attempt to move the device to a new provider, they are supposed to say no since the IMEI is reported stolen. Not sure how well the lower tier providers pay attention to that though.
TL;DR if the device is stolen from you by a stranger, this is possible. If the device is stolen from you by someone you permitted to use the device, this is not possible
gruez [3 hidden]5 mins ago
>TL;DR if the device is stolen from you by a stranger, this is possible. If the device is stolen from you by someone you permitted to use the device, this is not possible
I suspect these kinds of thefts are a small fraction of the "80,000 phones stolen in 2024" that OP was talking about. Moreover the only plausible case I can think of this happening is for corporate devices, which can be MDN enrolled and locked to a particular organization.
dylan604 [3 hidden]5 mins ago
Small business (<5 people) that doesn't have an IT staff. Even a civil case is too expensive to do anything about it.
gruez [3 hidden]5 mins ago
Your expectations are entirely unreasonable. Apple already provides a way for businesses to lock their devices through a web interface, which might require 1-2 hours for a non-technical person to figure out but doesn't exactly need a whole IT department to operate either. It's certainly not out of reach for "Small business (<5 people)". On the other hand you want Apple to get into the business of locking phones on demand, which is both labor intensive (you need people to manually validate each case) and prone to abuse (eg. in the case of second-hand sales). This is like expecting you should be able to walk into any Apple store and request any iPhone you "own" to be remote wiped/locked, just because you're too lazy to set up a pin/iCloud on your phone.
dylan604 [3 hidden]5 mins ago
I want to be able to lock the devices. I don't want apple to do anything. It's a shit situation. It doesn't mean that I don't still want something that can't be done. You're also victim blaming here, and it's definitely not helpful or even appreciated. Yes, someone put trust, however unwarranted it may have been, in someone without considering the worst outcome. Sure, lesson learned, but piling on to what's obviously someone else's misery is just a big fuck you so early in the weekend. Your heartlessness is awesome. This is like you thinking you know all of the details when you clearly don't
gruez [3 hidden]5 mins ago
> I want to be able to lock the devices. I don't want apple to do anything. It's a shit situation. It doesn't mean that I don't still want something that can't be done.
So to confirm, you don't want Apple to remote lock phones after a theft, and you can already lock phones before a theft. What's missing? Do you want them to put a placard in every iPhone box reminding small businesses owners to lock their phones with MDN?
>You're also victim blaming here, and it's definitely not helpful or even appreciated.
You playing "victim blaming" card to dismiss arguments isn't appreciated either. It's not "victim blaming" to point out that contrary to what you claim, Apple provides ways to lock phones and that they're not particularly onerous.
hopelite [3 hidden]5 mins ago
I’m not sure of the whole dynamic of the stolen phone black market, but if iPhones are still stolen, it seems iCloud lock does not sufficiently deter the practice.
gruez [3 hidden]5 mins ago
Right, because they're broken down for parts, but there's only so much you can do. For one, every time Apple tries to do something to lock down parts, right to repair people decry it as some sort of trojan horse to shut down third party repairs. Moreover even with parts serialization, there's only so much you can do. There's no inherent way for a bag of electrolytes to identify itself to a phone. The best you can do is add a chip to it and identify using that, but you can't prevent that chip from being transferred.
bigyabai [3 hidden]5 mins ago
Apple can do parts lockdown while also allowing users to service their phone safely with third-party components. The Right to Repair crowd gets angry not because of parts serialization, but because Apple uses it as an excuse to stop you from fixing your phone and reinforce monopoly control.
labcomputer [3 hidden]5 mins ago
How do you distinguish between a legitimate third party component and a stolen one with the serial number wiped?
udev4096 [3 hidden]5 mins ago
Why is iCloud lock such a casual, non-concerning topic? It just shows you don't own your over priced iCrap because iClown can remotely brick it at any point
throwaway48476 [3 hidden]5 mins ago
You can't solve thefts with just technology. You need to lock up the criminals.
throwaway48476 [3 hidden]5 mins ago
Apple isn't even trying to secure the iPhone. They could have rewritten the imessage parsers in a memory safe language. It would at least take a big byte out of the zero click exploits.
udev4096 [3 hidden]5 mins ago
It's been there from the beginning. Apple is very good at deceptive marketing, from promising false privacy protections and impossible to repair to lying about being eco friendly. Apple users are extremely naive, stupid and love to live in denial of Apple's wrongful and outright manipulative actions.
If you are a high target or require better privacy & security, GrapheneOS is the best option which delivers on everything it promises
saagarjha [3 hidden]5 mins ago
I guess at scale every minor fix is a spacebar heater for someone else. I assume Apple is probably going to bring this back to pacify the iVerify people but long term they are going to keep making these changes and mercenary spyware is going to learn how to hide itself better. I really think it’s time to start thinking about strategies that go beyond forensic artifacts…
isodev [3 hidden]5 mins ago
> I assume Apple is probably going to bring this back to pacify
Pegasus and Predator were VERY widely publicised exploits in iOS, I find it shortsighted for Apple not to have control over how these get identified in the first place.
It's also frustrating that the entire "your iPhone is safe and private" assumption is a black box and we only have Fruitcorp's assurances that they're doing the right thing. So imagine, people finding all kinds of bugs on iOS26 ... how is one to believe these bugs and glitches don't extend into security features as well?
saagarjha [3 hidden]5 mins ago
Obviously they do, hence the market for exploits. I'm not sure what you are suggesting they do differently, though.
isodev [3 hidden]5 mins ago
The opposite of what the blogpost informs us they did? Provide more tools and systems to discover and diagnose vulnerabilities, make components open source/open audit, etc. There is no perfect system, but a closed imperfect system is worse.
saagarjha [3 hidden]5 mins ago
I agree but the blog post is completely orthogonal to that
darkamaul [3 hidden]5 mins ago
I’d assume that erasing the shutdown log is also a security measure from Apple, attackers could use it to better understand crash conditions or device behavior.
That said, if we take Apple’s stance on privacy seriously, users should also have deep inspection capabilities on their own devices. After all, they’re supposed to own them.
throwaway290 [3 hidden]5 mins ago
An attacker during research would root the device anyways and find any crash conditions even better than shutdown.log. 99.999% users will not root. So this targets users.
charcircuit [3 hidden]5 mins ago
>After all, they’re supposed to own them.
Just because you own a device, that doesn't mean the manufacturer is obligated to add features you want.
user2722 [3 hidden]5 mins ago
I think he/she was being ironic. You either own it or Apple owns it.
Since there is no sideload and the cryptographic keys belong to Apple, then the device belongs effectively to Apple and you just rent it for a fixed fee.
You can't both own it and not own it depending on the situation, thus exposing Apple's hypocrisy as a well-intended parentified gatekeeper just protecting the users/childified adult users.
brookst [3 hidden]5 mins ago
> I think he/she was being ironic. You either own it or Apple owns it.
That’s really reductive thinking. I guess the idea is to blur all the different connotations of “own” into one thing and assert they are all the same?
I “own” a car, but am not allowed to drive it in some situations (if I’m drunk, on the wrong side of the freeway, …). Does that mean the state actually owns it?
Disregarding context in favor of reductive binaries is the #1 sign of zealotry. You see it everywhere: either a movie is original or it’s not, so Avatar is / isn’t (pick one) because it follows familiar tropes / innovated in visual arts (pick one).
The world is actually contextual. The moment you throw that out, no meaningful statement can be made.
treyd [3 hidden]5 mins ago
> Does that mean the state actually owns it?
By registering the car and obtaining a license you are agreeing to obey the rules set out by the state in exchange for permission to use the roadways.
To steelman the argument, you could argue that by using an iDevice you are using Apple's services and agree to follow the rules set out by them. But there is no such possible way to use an iDevice without relying on Apple's services.
With a car you can have it delivered and only use it off public roads on your own property. That would be a lot less useful, but it is something people do sometimes, such as with vintage/museum cars, race cars, construction/farm/mining vehicles, etc.
It's always your vehicle. The issue is the roads not the vehicle. But with an iDevice, even if it's legally "your phone", it's been designed to be impossible to do whatever you want with it within the bounds of the law, which weakens the traditional notion of what it means to "own" something (ie "right of disposal").
Again to steelman it, the retort is "Apple has the right to manufacture devices in alignment with protecting their business model, if you don't like it then buy other devices". Which is fine normally, except that the only other major similar device manufacturer is starting to do similar kinds of things and our society increasingly depends on the assumption everyone has a phone.
So what's increasingly becoming the scenario is that you have a choice: either allow your rights over your own property be infringed, or allow your ability to participate in society be infringed.
smikhanov [3 hidden]5 mins ago
> But there is no such possible way to use an iDevice without relying on Apple's services.
There is. One can go through the iPhone setup wizard and opt out of everything. You don’t need to have any accounts, neither iCloud nor App Store one, or to be logged on to any Apple services to use your phone.
Someone who knows more about iOS than both you and me could comment further on whether subtle things like aGPS would continue to function as expected, but everything you specifically thought of when you wrote “to use an iDevice” would work.
leni536 [3 hidden]5 mins ago
> I “own” a car, but am not allowed to drive it in some situations (if I’m drunk, on the wrong side of the freeway, …). Does that mean the state actually owns it?
No, it means that the state owns the freeway.
voakbasda [3 hidden]5 mins ago
It means the state owns you.
charcircuit [3 hidden]5 mins ago
Goods for the mass consumer all work like this. The manufacturer creates a product and consumers buy it if those features provide them value. If a device doesn't have a feature such as online diagnostics they are free to buy a different product instead. If people really want to add their own features they are free to modify the device. It's more economical to just buy another device which is why you don't see people replacing the parts needed to develop your own software on an iPhone. Easy user modification of the OS is not a feature of iPhone and if added could hurt the quality of the product.
Another way to think of this is imagine if Apple burned the OS into a ROM chip. That doesn't make them the owner of the device because the user can't write to the ROM chip. By that logic no one would own the device because no one can update it, but that can't really be true.
kace91 [3 hidden]5 mins ago
I think a difference is that apple has the means to change the behavior of the device after the fact in ways that the person that purchased the product doesn’t.
This is unique to modern technology, and the fact that they sell you the house keeping sole ownership of the keys to certain rooms is indeed worth examining I think.
cbarrick [3 hidden]5 mins ago
> If people really want to add their own features they are free to modify the device.
Except that they are not actually given that freedom.
The entire notion of free software is that users should be free to modify the software stacks of their devices.
Very few consumer devices are free in that sense. You can't run a custom OS on an iPhone.
brookst [3 hidden]5 mins ago
Free software is a value prop, not a law. And it is counter to the value prop that one entity is entirely responsible for all of the software (even if Apple doesn’t write every line of code, they are responsible for every bit that ships).
Not everyone cares about the bits. It’s true that the vast majority of consumers prefer having a single supplier to having freedom to run their own bits.
sim7c00 [3 hidden]5 mins ago
what privs u need to read shutdown log vs what privs u need to see running programs?
apple always trying to hide things and lock people more out of how the device works. they use privacy as an excuse and even sue and jail ppl who try to look at things properly.
frontfor [3 hidden]5 mins ago
When did Apple “sue and jail ppl” for “try to look at things properly”? I’m pretty sure Apple isn’t legally allowed to jail people.
> If you care about your iOS device security.. reboot every day.. writes a list of running processes to this shutdown.log file.. If you have processes that shouldn't be running, they will get written to this shutdown.log file.. allows you to go back in time and check for IOCs.
nl [3 hidden]5 mins ago
It seems like the authors don't believe this was a deliberate attempt by Apple to hide Spyware:
> Consider holding off on updating to iOS 26 until Apple addresses this issue, ideally by releasing a bug fix that prevents the overwriting of the shutdown.log on boot.
darkoob12 [3 hidden]5 mins ago
I always suspected someone inside Apple is making sure that these phones stay vulnerable for Israeli hackers or they don't really fix their bugs.
notepad0x90 [3 hidden]5 mins ago
it's possible, but iphones are apple's flagship product. it would be disastrous for them. i don't think any government contract is worth the cost. They're not google or Microsoft, they're not that big in the enterprise side of things.
I'm sure if such a relationship became public, most Americans will forget about it in few weeks time and half will be surprised what the big deal is. But apple will lose out on Asia and Europe where it has solid competition. Their hardware is their bread-and-butter.
It is more plausible for the US government to have planted or extorted an asset working as a developer at apple than apple itself making such a monumentally foolish decision.
Google and Microsoft on the other hand, that I am fairly certain of.
But... i digress a bit, only because Tim Cook was kissing the proverbial king's ring a lot lately. donations are one thing, giving gold gifts in person and on national tv is another.
sschueller [3 hidden]5 mins ago
Tim Cook gifted trump a gold base with a glass plate on it like some peasant to a king in front of cameras. Apple will bend over backwards to please governments so don't be surprised when it turns out not everything is as secure as claimed in their walled garden.
throwaway48476 [3 hidden]5 mins ago
Aren't gifts to the president kept by the government? In the US usually bribery is done by giving jobs to relatives or favorable contracts.
mrbombastic [3 hidden]5 mins ago
Bribery can be done in a myriad of ways but the gift itself is not the valuable thing, it is the display of fealty.
nl [3 hidden]5 mins ago
I'm not a particular fan of Apple but the gold thing seemed like a good, cheap way to get on Trump's good side, which led to them somehow magically avoiding tariffs.
I don't think I'd read more into it than that.
jlarocco [3 hidden]5 mins ago
Yeah, that's always how bribery works.
From Wikipedia: "Bribery is the corrupt solicitation, payment, or acceptance of a private favor (a bribe) in exchange for official action."
brookst [3 hidden]5 mins ago
Yes, everyone knows. It was transparently a bribe.
But let’s not motte bailey that into proof that Apple intentionally ships backdoors.
pprotas [3 hidden]5 mins ago
Yes, that is exactly the problem. No need to read more into it.
zimpenfish [3 hidden]5 mins ago
> the gold thing seemed like a good, cheap way to get on Trump's good side
Which, whilst morally repugnant, does make business sense - if Apple got hit by tariffs or other penalties, you can be sure the Carl Icahn style leeches would be popping out of the woodwork complaining that Tim Cook was ruining Apple / the share price / etc. and trying to orchestrate shareholder and/or board revolts.
(And Good Lord, imagine the threads on here if Apple's value dropped just because Tim Cook didn't give a hideous piece of tat to Trump.)
demarq [3 hidden]5 mins ago
It wouldn’t be a disaster, Apple already donates to the IDF. They literally have IDF among their staff.
How is none of this public knowledge
vlovich123 [3 hidden]5 mins ago
Active serving IDF are also employed by Apple? I know there’s a lot of ex-IDF people in Silicon Valley but since the IDF is mandatory all it means is ex-Israeli people. They could still be secretly working for the Mossad but that’s generally something you can claim true of all foreign nationals - they’re also possibly just normal people with talent and experience.
demarq [3 hidden]5 mins ago
I’d like to clarify with a couple of questions.
- Are you saying that you believe apple is picking someone who is a real wizz with css, but because of the country’s laws they had to serve with the IDF?
- Are you saying the formality of having to be a former of your previous employer, as part of taking on new employment is to be unexpected in any way?
vlovich123 [3 hidden]5 mins ago
I really don’t understand the questions and they belie an ignorance of things or are intentionally provocative (and not coherent) but I’ll try.
Firstly, the exploits in play would not be introduced by a “css whiz kid” first of all. Creating holes for rootkits like Pegasus requires deep low level expertise.
Secondly, AFAIK all the teams that would be involved on working on that are located in Cupertino - so these people had to relocate to the US.
But yes, I think finding anyone who was a child in Israel and didn’t serve in the IDF is very difficult. This is doubly-so for the tech sector since the IDF is often where they obtain their initial technical education and are serving between 18 and 21.
Unless you’re blanket just going to disallow recruiting from Israel or hiring people who moved from Israel to the US and might even be US citizens. But then you’re also going to have to explain why you’re applying this policy to Israelis and not Koreans, Singaporeans, Taiwanese, Norwegians, who have similar mandatory service requirements (plenty of countries do).
I’m not saying that Mossad don’t try to get their own secret agents working long term undercover in these places. But that’s also true of other secret services of enemies and allies alike and I would think they’re less likely to generate exploits intentionally and more likely to gather information and look for exploits by having access to source, documentation, and able to get information from peers. But Israelis having previously worked in the IDF doesn’t really provide any signal to me on the motivations or beliefs of that person.
demarq [3 hidden]5 mins ago
> But Israelis having previously worked in the IDF doesn’t really provide any signal to me on the motivations or beliefs of that person
You know what, you’re absolutely right. But you’d be wrong if it turns out it’s not the general IDF we’re talking about, and specifically not one all Israelis have to serve. And that Google has all the good stuff.
But anyway I’m going to let you believe what you believe about a corporation that makes “donations” to a military, and I’m going to believe what I believe.
vlovich123 [3 hidden]5 mins ago
Can you elaborate so I can educate myself? Speaking in innuendo isn’t helpful for a discussion like this.
LtdJorge [3 hidden]5 mins ago
Are you saying that Apple should ban hiring Israelis since all of them have to serve in the IDF?
op00to [3 hidden]5 mins ago
Can you try your questions again, but this time coherently?
wat10000 [3 hidden]5 mins ago
The Israeli military takes corporate donations?
andrewflnr [3 hidden]5 mins ago
> It is more plausible for the US government to have planted or extorted an asset working as a developer at apple
This is indeed how I read the comment you replied to.
notepad0x90 [3 hidden]5 mins ago
I read it as saying apple's leadership is complicit and cooperating like Google's and Microsoft's have been.
andrewflnr [3 hidden]5 mins ago
The phrase "someone inside Apple" doesn't really connote top leadership. To me at least it resonates more with "insider threat". If they meant it was corporate policy, they would have just said "Apple". And as you said it's rather implausible to start, so I don't know why that would be your first interpretation. :)
aucisson_masque [3 hidden]5 mins ago
> I'm sure if such a relationship became public,most Americans will forget about it in few weeks time and half will be surprised what the big deal is. But apple will lose out on Asia and Europe where it has solid competition. Their hardware is their bread-and-butter.
Everyone is somewhat aware that their phones are not impermeable to government agencies and it doesn't matter, that's the case for Americans of course because they are well used to it, but also for Europeans.
If they were to purposely make 'mistake' to allow Israeli spying companies to compromise their phone, it most likely wouldn't change anything.
whatevaa [3 hidden]5 mins ago
It wouldn't be disastrous. Most won't care. A lot of fanatic fans would buy an i-dildo if that was ever a thing and would say that it's the best thing ever.
I hope they're making them stay vulnerable for jailbreakers.
flyinglizard [3 hidden]5 mins ago
It's spectacular how, when Israelis are involved, entire R&D organizations can suddenly become sinister cabals that operate in complete secrecy across ranks.
/s
cedws [3 hidden]5 mins ago
You only have to have kompromat on one person high up to get the result you want.
notmyjob [3 hidden]5 mins ago
I’ve been told repeatedly by high ranking members of the apple support forum to never look at logs. Only schizos and idiots look at the logs they said. Even experienced apple developers don’t look at the logs I was told. This makes me question everything about apple support, especially the “geniuses” that work at the Apple Store.
notepad0x90 [3 hidden]5 mins ago
I just wanna say how ridiculous it is that forensics on iphones is done via backup archives. If apple at least included a full system memory dump along with the backup that'd be better. If only they allowed system-extensions like on macos that run in EL1+ for security monitoring.
axoltl [3 hidden]5 mins ago
I do vulnerability research. Those things would do the exact opposite of what you're aiming for. They'd be received with glee by mercenary spyware companies, _especially_ being able to load things into higher levels of privilege.
notepad0x90 [3 hidden]5 mins ago
that wouldn't be a problem, apple signs extensions. In windows land for example, there are ELAM drivers for security software, they don't just hand them out, you basically have to convince people at Microsoft you're one of the good guys, in person.
axoltl [3 hidden]5 mins ago
It means more surface (both from extensions themselves and the loader code), relaxation of things like KTRR/CTRR (you now need to add executable EL1 pages at runtime), plus the potential for signing keys to leak (Finding enterprise signing keys even for iOS is fairly easy).
Yeah, loldrivers are a thing because any signed driver can load, vuln drivers with ELAM .. I don't know of any, I believe they're quite rare.
You have a good point with attack surface, but apple has a pretty robust system already for ensuring boot and lock security that doesn't rely on EL0/EL1 security. I'm sure you know more than me about higher EL's like EL3 and secure world code that can take care of all that. I'm pretty sure they don't have to issue new signing keys either, matter of fact, why let even 3rd parties do this, apple themselves could expose a memory and file system dumping api without involving third parties. That way, they could sanitize away anything they consider sensitive as well. They can also require that the commands be issued over a physical/authorized usb connection.
Point is, there are very legitimate and critical cases where memory and file system forensics could be critical. From what little chatter I've heard, forensic software today is resorting to exploitation of the devices and those exploits tend to be abused for other reasons too.
transpute [3 hidden]5 mins ago
Trusted high-privilege components, whether first or third party, are targeted for exploitation.
notepad0x90 [3 hidden]5 mins ago
Do you know of any reports where macos system extensions being abused this way? I've heard about windows drivers, but my impression was apple is doing this well enough to be a non-issue mostly?
> If apple at least included a full system memory dump along with the backup that'd be better
Wouldn't that make it easier for people to find vulnerabilities and more importantly (for Apple)? Which would allow people to find vulnerabilities for rooting the phone, something Apple really seems hellbent on preventing.
hulitu [3 hidden]5 mins ago
> I just wanna say how ridiculous it is that forensics on iphones is done via backup archives.
Why would somebody want to disturb in memory exploits ? /s
devJdeed [3 hidden]5 mins ago
Can someone confirm if this update does fix the zero-click exploit from Pegasus ?
Retr0id [3 hidden]5 mins ago
Nobody is in a position to confirm that. You can reasonably assume there are multiple viable 0click vectors at any given time, regardless of patch level.
fulafel [3 hidden]5 mins ago
Terminology nit: An exploit is a technique or automation to take advantage of ("exploit") a vulnerability. So fixing a vulnerability breaks an exploit.
krackers [3 hidden]5 mins ago
>Consider holding off on updating to iOS 26
Wait what? Surely if you're concerned about nation-state spyware, upgrading to the latest version is safer than staying on a vulnerable version.
SoKamil [3 hidden]5 mins ago
Apple still releases security patches to recent versions of iOS, especially critical ones.
t0lo [3 hidden]5 mins ago
Deliberate?
bigyabai [3 hidden]5 mins ago
If it was then HN would never live it down, but let's look at the timeline:
13 months ago: Apple drops NSO Group lawsuit: https://nquiringminds.com/cybernews/apple-drops-lawsuit-against-nso-group-over-pegasus-spyware-concerns/
2 weeks ago: NSO Group confirms it was bought by US interests: https://techcrunch.com/2025/10/10/spyware-maker-nso-group-confirms-acquisition-by-us-investors/
Now: IOCs for Pegasus and Predator are removed from iOS in an OTA update.
londons_explore [3 hidden]5 mins ago
This is dumb - now that this is known, attackers will make sure that they edit the shutdown.log file to be perfectly byte for byte identical to an uninfected device.
So the log has no value
zimpenfish [3 hidden]5 mins ago
They already did:
> Researchers have noted instances where devices known to be active had their shutdown.log cleared, alongside other IOCs for Pegasus infections. This led to the conclusion that a cleared shutdown.log could serve as a good heuristic for identifying suspicious devices.
Which is why the article is pointing out that a cleared `shutdown.log` is no longer an indicator of Pegasus infections (because it now happens every boot.)
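The heuristic discussed in the comments above, as an added example that is not part of the thread or the article: a sketch that splits a shutdown.log into per-shutdown snapshots, lists lingering processes, and treats a cleared log as a signal only below iOS 26, where the log was still appended rather than overwritten. The line shapes matched by the two regexes, the sample logs and the `/PLACEHOLDER/` watch-list prefix are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Assumed line shapes (the page does not show the file's contents):
#   After 1.00s SIGTERM: [1700000000] Resending SIGTERM to all clients
#       remaining client pid: 123 (/path/to/binary)
SIGTERM_RE = re.compile(r"SIGTERM: \[(\d+)\]")
CLIENT_RE = re.compile(r"remaining client pid: (\d+) \((.+)\)\s*$")


@dataclass
class ShutdownEvent:
    epoch: int                                  # timestamp of this shutdown
    clients: set = field(default_factory=set)   # {(pid, path)} still running


def parse_shutdown_log(text):
    """Group lines into one snapshot per shutdown (a new epoch starts a new one)."""
    events = []
    for line in text.splitlines():
        m = SIGTERM_RE.search(line)
        if m:
            epoch = int(m.group(1))
            if not events or events[-1].epoch != epoch:
                events.append(ShutdownEvent(epoch))
            continue
        m = CLIENT_RE.search(line)
        if m and events:
            # A set de-duplicates clients repeated across SIGTERM retries.
            events[-1].clients.add((int(m.group(1)), m.group(2)))
    return events


def assess(text, ios_major, watch_prefixes=()):
    """Summarise what the log can and cannot tell an examiner.

    history:
      "not-informative"  iOS 26+: overwritten each boot, so missing history
                         says nothing about tampering
      "cleared"          older iOS with no entries: the heuristic quoted above
      "retained"         older iOS with entries to review
    """
    events = parse_shutdown_log(text)
    prefixes = tuple(watch_prefixes)
    hits = sorted(
        {(e.epoch, path) for e in events for _, path in e.clients
         if path.startswith(prefixes)}
    )
    if ios_major >= 26:
        history = "not-informative"
    elif not events:
        history = "cleared"
    else:
        history = "retained"
    return {"shutdowns": len(events), "history": history, "watchlist_hits": hits}


# Constructed sample: two shutdowns appended to one file (pre-iOS 26 behaviour).
OLD_LOG = "\n".join([
    "After 1.00s SIGTERM: [1700000000] Resending SIGTERM to all clients",
    "\t\tremaining client pid: 88 (/usr/libexec/example_daemon)",
    "\t\tremaining client pid: 412 (/PLACEHOLDER/watchlisted/agent)",
    "After 2.00s SIGTERM: [1700000000] Resending SIGTERM to all clients",
    "\t\tremaining client pid: 412 (/PLACEHOLDER/watchlisted/agent)",
    "After 1.00s SIGTERM: [1700086400] Resending SIGTERM to all clients",
    "\t\tremaining client pid: 90 (/usr/libexec/example_daemon)",
])

# Constructed sample: only the most recent shutdown survives (iOS 26 behaviour).
NEW_LOG = "\n".join([
    "After 1.00s SIGTERM: [1700172800] Resending SIGTERM to all clients",
    "\t\tremaining client pid: 91 (/usr/libexec/example_daemon)",
])

WATCH = ("/PLACEHOLDER/watchlisted/",)  # hypothetical prefix, not a real IOC

if __name__ == "__main__":
    print(assess(OLD_LOG, 18, WATCH))
    print(assess("", 18, WATCH))
    print(assess(NEW_LOG, 26, WATCH))
```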
https://samm.dsca.mil/glossary/initial-operational-capabilit...
For our company, I've been very clear that we don't make up acronyms unless a layperson could reasonably guess what it stands for, and also not confuse it for something else.
Yeah, it's called "expertise" and it isn't as bad as you seem to think. Blogs for security professionals will use jargon and technical words aimed at other security professionals, and that's OK, not everything on the web is for everyone.
Just like how in my game development blog I don't explain what a "loop" is because I'm assuming the audience knows basic programming already, otherwise every article would balloon out of scope easily.
Considering they have stuff like "Located within the Sysdiagnoses in the Unified Logs section (specifically, Sysdiagnose Folder -> system_logs.logarchive -> Extra -> shutdown.log)" in the article, my guess is that they're aiming for people who at least have a basic understanding of security, not general users, as those wouldn't understand an iota of that.
> because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.
Yeah, do try that, just not your cut version focusing on the irrelevance of a specific path and the meaning of >, but the whole paragraph. Do see how many people fail to understand that there was some file at some folder. You could even ask extra SAT questions "what do you think a "shutdown log" is, does it record activities during device shutdown?")
Any example where somebody says an article doesn’t do a great job defining its terms just becomes proof that the authors only wanted readers who already understand the terms.
In other HN discussions there have regularly been divisive gatekeeping trolls who, in response to people asking what acronyms stand for and suggesting articles like this define them after their first use, are inexplicably and vehemently opposed to defining acronyms, and who argue incessantly that acronyms should not be defined because everyone should already know what they are, and criticize people who don't already know, because they are meant to be excluded from the discussion. What possible motivations could they have?
I just don't understand that mindset, but I suspect there's a big overlap between them and the trolls who regularly throw tantrums about accessibility, usability, diversity, equity, and inclusion, and see empathy as a weakness, since it's a similar exclusionary mindset.
The anti-accessibility trolls are incredibly foolish and short sighted (pun intended) to not realize that unless you are "lucky" enough to die at an early age, EVERYONE is going to need and benefit from accessibility and inclusive interface design.
Edit: Oh I see one of them has dropped in and taken their precious time to argue back and forth in several posts, with orders of magnitude more words and off-topic noise than it would have taken to simply define the acronym in the first place and move on, thereby undermining their own circular arguments. What a sowapphtdo (strange obsession with a particularly pointless hill to die on)!
I like riehwvfbk suggestion: "expertise theatre". (But what does riehwvfbk stand for? ;)
As someone who actually worked there a decade ago, that doesn’t reflect the attitudes and positions of people I worked with then. And many people generally tend to stay working at Apple for long periods of time.
I can’t speak if that’s changed or other things happening, but this could easily be just a late-introduced bug as it wasn’t present in earlier betas as someone noticed - my expectation would be such a change would be present quite early. I would be very very surprised something this insignificant was a late introduced change at the request of the government - Apple historically just doesn’t act that way (see the San Bernardino row over unlocking the iPhone for the FBI).
Regarding the basis of Apple's market cap, I would suggest that profitability ranks a bit higher than privacy. Apple's potential tariff burden was $44 billion annually, reduced to $7 billion after Cook plied the mad king with flattery, gold and cash. Apple had lost $300 billion in market value before Trump exempted smartphones, then immediately regained its $3 trillion market cap.
Privacy is nice brand positioning, but the truth behind it was always that Apple wasn't beholden to "surveillance capitalism" like the other tech behemoths as hardware was their primary profit center. This allowed them to take the high ground on this one, while coincidentally kneecapping Meta and others with App Tracking Transparency - which cost Meta an estimated $10 billion in 2022 alone and hit Google as well. But ATT only blocks third-party tracking across apps and websites - it doesn't apply to Apple's own growing advertising business, which uses first-party data from the App Store, Apple News, etc. Apple claims they don't "track users across apps and websites owned by other companies" - but they absolutely track within their own walled garden for their expanding ad business.
And the iOS 26 removal of Pegasus/Predator detection artifacts right as ICE activates Paragon spyware contracts? Maybe a coincidental bug, maybe what happens when keeping Trump happy is worth tens of billions.
I’ll point you to Apple developing the privacy-preserving CSAM scanning feature which got approved at lower levels and then got pulled back when it actually started hurting their brand. They respond to this stuff and I don’t think perfection is a reasonable bar.
> And the iOS 26 removal of Pegasus/Predator detection artifacts right as ICE activates Paragon spyware contracts? Maybe a coincidental bug, maybe what happens when keeping Trump happy is worth tens of billions.
And if iOS 26.1 or 27 restores previous behavior or does that change the narrative you’ve built in your head and you’ll just say “of course - they just got caught”? If you can’t falsify your narrative there’s no point having a constructive argument - I can’t factually argue you out of a position you didn’t argue yourself factually into.
But yours does?
I know some fairly high-up folks in Cupertino. They care about privacy more than the median American, possibly the median techie. They overshot in San Bernardino precisely because they were internally calibrated off the political mark.
Every company works with whoever gets elected. This isn’t new. It isn’t indicative of political support. It’s just how business is done.
First, I never claimed Cook "supports" Trump - as I said, I suspect he personally loathes him. The point is that corporations are making unprecedented concessions to avoid Trump's wrath.
Second, companies push back on government constantly when it serves their interests. Apple previously fought the FBI over privacy, but more typically companies push back or evade the law for financial benefit, not principles. When penalties are low enough they accept them as the cost of doing business, e.g. Meta's consistent, willful FTC consent decree violations.
Third, openly bribing a sitting president with a 24-karat gold gift is not normal corporate behavior. The Trump administration has used state power to control private enterprise in a completely unprecedented way: tariff threats as extortion, DOJ investigations targeting companies over DEI programs, prosecution of high-profile figures who resist - mostly political enemies so far but Zuckerberg faced threats of "life in prison" before he showed sufficient fealty.
I'm waiting for the whataboutism replies here, and executive overreach was a thing in the past, but Trump has fundamentally changed the character of the US system of government. The enabling environment is unprecedented: a Congress with zero interest in oversight and a Supreme Court granting immunity for official acts. When you combine unlimited executive power with no checks, corporate capitulation isn't "just business" - it's rational fear of an authoritarian using every lever of government to punish dissent.
Fail is an overstatement. Apple is part of PRISM and the functionality is working as intended. When a hole becomes public, it is quickly patched.
PRISM was semi voluntary. And the legal immunities it operated under expired in 2017.
Do you really think that with all of the years of iPhone device and account takeovers, from a text message requiring no reading or interaction, Apple with their maximum controlled walled garden aren't facilitating? Apple spent billions moving factories because the US government told them to. They are the keymaker.
Apple could do a lot of things, such as preventing the black market for stolen phones from existing. A single city, London, had 80,000 phones stolen in 2024.
"...Onwurah argued that "robust technical measures" such as blocking stolen phones taken overseas from accessing cloud services could make devices "far less valuable".
"She also pointed to comments by Mobile UK, the trade association of the UK's mobile network operators, who said blocking IMEI in other countries was a "necessary step to dismantle the business model of organised crime".
"However, she said when giving evidence, Apple, Google and Samsung had avoided saying why they would not implement the technology." <--**
https://www.bbc.com/news/articles/cx2y037pg41o
Doesn't iCloud lock basically already makes a stolen iPhone unusable? What more do you want?
TL;DR if the device is stolen from you by a stranger, this is possible. If the device is stolen from you by someone you permitted to use the device, this is not possible
I suspect these kinds of thefts are a small fraction of the "80,000 phones stolen in 2024" that OP was talking about. Moreover the only plausible case I can think of this happening is for corporate devices, which can be MDN enrolled and locked to a particular organization.
So to confirm, you don't want Apple to remote lock phones after a theft, and you can already lock phones before a theft. What's missing? Do you want them to put a placard in every iPhone box reminding small businesses owners to lock their phones with MDN?
>You're also victim blaming here, and it's definitely not helpful or even appreciated.
You playing "victim blaming" card to dismiss arguments isn't appreciated either. It's not "victim blaming" to point out that contrary to what you claim, Apple provides ways to lock phones and that they're not particularly onerous.
If you are a high target or require better privacy & security, GrapheneOS is the best option which delivers on everything it promises
Pegasus and Predator were VERY widely publicised exploits in iOS, I find it shortsighted for Apple not to have control over how these get identified in the first place.
It's also frustrating that the entire "your iPhone is safe and private" assumption is a black box and we only have Fruitcorp's assurances that they're doing the right thing. So imagine, people finding all kinds of bugs on iOS26 ... how is one to believe these bugs and glitches don't extend into security features as well?
That said, if we take Apple’s stance on privacy seriously, users should also have deep inspection capabilities on their own devices. After all, they’re supposed to own them.
Just because you own a device, that doesn't mean the manufacturer is obligated to add features you want.
Since there is no sideload and the cryptographic keys belong to Apple, then the device belongs effectively to Apple and you just rent it for a fixed fee.
You can't both own it and not own it depending on the situation, thus exposing Apple's hypocrisy as a well-intended parentified gatekeeper just protecting the users/childified adult users.
That’s really reductive thinking. I guess the idea is to blur all the different connotations of “own” into one thing and assert they are all the same?
I “own” a car, but am not allowed to drive it in some situations (if I’m drunk, on the wrong side of the freeway, …). Does that mean the state actually owns it?
Disregarding context in favor of reductive binaries is the #1 sign of zealotry. You see it everywhere: either a movie is original or it’s not, so Avatar is / isn’t (pick one) because it follows familiar tropes / innovated in visual arts (pick one).
The world is actually contextual. The moment you throw that out, no meaningful statement can be made.
By registering the car and obtaining a license you are agreeing to obey the rules set out by the state in exchange for permission to use the roadways.
To steelman the argument, you could argue that by using an iDevice you are using Apple's services and agree to follow the rules set out by them. But there is no such possible way to use an iDevice without relying on Apple's services.
With a car you can have it delivered and only use it off public roads on your own property. That would be a lot less useful, but it is something people do sometimes, such as with vintage/museum cars, race cars, construction/farm/mining vehicles, etc.
It's always your vehicle. The issue is the roads not the vehicle. But with an iDevice, even if it's legally "your phone", it's been designed to be impossible to do whatever you want with it within the bounds of the law, which weakens the traditional notion of what it means to "own" something (ie "right of disposal").
Again to steelman it, the retort is "Apple has the right to manufacture devices in alignment with protecting their business model, if you don't like it then buy other devices". Which is fine normally, except that the only other major similar device manufacturer is starting to do similar kinds of things and our society increasingly depends on the assumption everyone has a phone.
So what's increasingly becoming the scenario is that you have a choice: either allow your rights over your own property be infringed, or allow your ability to participate in society be infringed.
There is. One can go through the iPhone setup wizard and opt out of everything. You don’t need to have any accounts, neither iCloud nor App Store one, or to be logged on to any Apple services to use your phone.
Someone who knows more about iOS than both you and me could comment further on whether subtle things like aGPS would continue to function as expected, but everything you specifically thought of when you wrote “to use an iDevice” would work.
No, it means that the state owns the freeway.
Another way to think of this is imagine if Apple burned the OS into a ROM chip. That doesn't make them the owner of the device because the user can't write to the ROM chip. By that logic no one would own the device because no one can update it, but that can't really be true.
This is unique to modern technology, and the fact that they sell you the house keeping sole ownership of the keys to certain rooms is indeed worth examining I think.
Except that they are not actually given that freedom.
The entire notion of free software is that users should be free to modify the software stacks of their devices.
Very few consumer devices are free in that sense. You can't run a custom OS on an iPhone.
Not everyone cares about the bits. It’s true that the vast majority of consumers prefer having a single supplier to having freedom to run their own bits.
Apple is always trying to hide things and lock people more out of how the device works. They use privacy as an excuse and even sue and jail people who try to look at things properly.
> If you care about your iOS device security.. reboot every day.. writes a list of running processes to this shutdown.log file.. If you have processes that shouldn't be running, they will get written to this shutdown.log file.. allows you to go back in time and check for IOCs.
> Consider holding off on updating to iOS 26 until Apple addresses this issue, ideally by releasing a bug fix that prevents the overwriting of the shutdown.log on boot.
I'm sure if such a relationship became public, most Americans will forget about it in a few weeks' time and half will be surprised what the big deal is. But Apple will lose out on Asia and Europe where it has solid competition. Their hardware is their bread-and-butter.
It is more plausible for the US government to have planted or extorted an asset working as a developer at Apple than Apple itself making such a monumentally foolish decision.
Google and Microsoft on the other hand, that I am fairly certain of.
But... I digress a bit, only because Tim Cook was kissing the proverbial king's ring a lot lately. Donations are one thing, giving gold gifts in person and on national TV is another.
I don't think I'd read more into it than that.
From Wikipedia: "Bribery is the corrupt solicitation, payment, or acceptance of a private favor (a bribe) in exchange for official action."
But let’s not motte-and-bailey that into proof that Apple intentionally ships backdoors.
Which, whilst morally repugnant, does make business sense - if Apple got hit by tariffs or other penalties, you can be sure the Carl Icahn style leeches would be popping out of the woodwork complaining that Tim Cook was ruining Apple / the share price / etc. and trying to orchestrate shareholder and/or board revolts.
(And Good Lord, imagine the threads on here if Apple's value dropped just because Tim Cook didn't give a hideous piece of tat to Trump.)
How is none of this public knowledge?
- Are you saying that you believe Apple is picking someone who is a real whiz with CSS, but because of the country’s laws they had to serve with the IDF?
- Are you saying the formality of having to be a former of your previous employer, as part of taking on new employment is to be unexpected in any way?
Firstly, the exploits in play would not be introduced by a “css whiz kid” first of all. Creating holes for rootkits like Pegasus requires deep low level expertise.
Secondly, AFAIK all the teams that would be involved on working on that are located in Cupertino - so these people had to relocate to the US.
But yes, I think finding anyone who was a child in Israel and didn’t serve in the IDF is very difficult. This is doubly-so for the tech sector since the IDF is often where they obtain their initial technical education and are serving between 18 and 21.
Unless you’re blanket just going to disallow recruiting from Israel or hiring people who moved from Israel to the US and might even be US citizens. But then you’re also going to have to explain why you’re applying this policy to Israelis and not Koreans, Singaporeans, Taiwanese, Norwegians, who have similar mandatory service requirements (plenty of countries do).
I’m not saying that Mossad don’t try to get their own secret agents working long term undercover in these places. But that’s also true of other secret services of enemies and allies alike and I would think they’re less likely to generate exploits intentionally and more likely to gather information and look for exploits by having access to source, documentation, and able to get information from peers. But Israelis having previously worked in the IDF doesn’t really provide any signal to me on the motivations or beliefs of that person.
You know what, you’re absolutely right. But you’d be wrong if it turns out it’s not the general IDF we’re talking about, and specifically not one all Israelis have to serve. And that Google has all the good stuff.
But anyway I’m going to let you believe what you believe about a corporation that makes “donations” to a military, and I’m going to believe what I believe.
This is indeed how I read the comment you replied to.
Everyone is somewhat aware that their phones are not impermeable to government agencies and it doesn't matter. That's the case for Americans, of course, because they are well used to it, but also for Europeans.
If they were to purposely make a 'mistake' to allow Israeli spying companies to compromise their phones, it most likely wouldn't change anything.
Like https://www.amazon.com/app-controlled-vibrator/s?k=app+contr... ?
Is there a "Rule 34" type proclamation where if it exists someone will add an app to it whether it needs it or not?
https://www.youtube.com/watch?v=yqN6749QqtA
/s
As far as Windows goes, https://www.loldrivers.io is a thing.
You have a good point with attack surface, but Apple has a pretty robust system already for ensuring boot and lock security that doesn't rely on EL0/EL1 security. I'm sure you know more than me about higher ELs like EL3 and secure world code that can take care of all that. I'm pretty sure they don't have to issue new signing keys either. Matter of fact, why let even 3rd parties do this? Apple themselves could expose a memory and file system dumping API without involving third parties. That way, they could sanitize away anything they consider sensitive as well. They can also require that the commands be issued over a physical/authorized USB connection.
Point is, there are very legitimate and critical cases where memory and file system forensics could be critical. From what little chatter I've heard, forensic software today is resorting to exploitation of the devices and those exploits tend to be abused for other reasons too.
Wouldn't that make it easier for people to find vulnerabilities and more importantly (for Apple)? Which would allow people to find vulnerabilities for rooting the phone, something Apple really seems hellbent on preventing.
Why would somebody want to disturb in-memory exploits? /s
Wait what? Surely if you're concerned about nation-state spyware, upgrading to the latest version is safer than staying on a vulnerable version.
So the log has no value
> Researchers have noted instances where devices known to be active had their shutdown.log cleared, alongside other IOCs for Pegasus infections. This led to the conclusion that a cleared shutdown.log could serve as a good heuristic for identifying suspicious devices.
Which is why the article is pointing out that a cleared `shutdown.log` is no longer an indicator of Pegasus infections (because it now happens every boot.)