iPhones hacked via invisible calendar invites to drop QuaDream spyware

Discussion in 'all things Mac' started by Rasheed187, Apr 12, 2023.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    Scary stuff, but on iOS 16 there is now Lockdown Mode, see second link. I assume that most people are aware of this and hopefully it can protect against this type of spyware in future attacks.

    https://www.bleepingcomputer.com/ne...le-calendar-invites-to-drop-quadream-spyware/

    https://techcrunch.com/2022/08/12/apple-lockdown-mode-ios-16/
     
  2. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,972
    Lockdown mode is too restrictive for my standard iOS usage. However, I use Norton 360 which has protection modules covering different areas. Wi-Fi, messaging and calendar protection, Safe Web which protects all network communication on iOS regardless of browser/app, and last but not least a full-fledged VPN.

    So all calendar invites are scanned for malware links.

    While I don't prefer Norton on Win machines I have to admit that Norton 360 for iOS is by far the best iOS protection solution I have ever used.
     
    Last edited: Apr 13, 2023
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    OK, thanks for letting me know, that's what I already expected, that Lockdown Mode is probably a bit too restrictive, which makes you wonder how many people will actually be using it. I do have to say that I'm quite skeptical about mobile AV solutions though, especially when it comes to protecting against exploits.
     
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,972
    iOS/iPadOS doesn't need conventional AV but it's wise to use a security solution tailored to impending iOS/iPadOS-specific risks and Norton 360 proved to me to be the best.
    https://www.techadvisor.com/article/730768/do-you-need-antivirus-on-ipad-or-iphone.html
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    Well, I don't know if it doesn't need an AV, because even on official app stores there can always be malware that slips through, see link. But what I meant is that AVs on mobile phones aren't as advanced as on PCs AFAIK. They can't really tackle exploits as is possible on PCs.

    https://www.wilderssecurity.com/thr...app-stole-his-life-savings-in-bitcoin.450761/
     
  6. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,972
    A distinction must be made between Android and iOS. Android is more prone to infections than iOS. However, this does not mean that iOS should not be protected especially against increasingly common sophisticated threats.
     
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    9,147
    Location:
    USA
    I think that's mostly that Apple seems to be more picky about what they let people post on their store. I still won't run security software on a phone either way. Too much battery drain to get too little in return. I don't know anyone personally with an infected phone (it does happen but seems mostly unlikely). Some of these same people have infected PCs so I have to assume it is harder to infect a phone.
     
  8. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,222
    Location:
    Member state of European Union
    Yep, and you only need to reboot a phone to get rid of malware's elevated privileges (if they were obtained in the first place, which is unlikely on an up-to-date OS).
     
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,943
    Location:
    Outer space
    Note that while rebooting a phone can indeed get rid of an infection, some malware might be able to persist across reboots. Though it is significantly harder to make malware able to infect a phone deep enough to survive a reboot.

    I have been using Lockdown Mode quite a while now, and don't find it too restrictive. Some websites don't work anymore, but if a website doesn't work, you can exclude it from Lockdown mode.
     
  10. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,222
    Location:
    Member state of European Union
    Could you give an example? As far as I know even the dreaded Pegasus, that cost millions of dollars in licenses, didn't survive the reboot. The phone had to be reinfected again.
     
  11. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,943
    Location:
    Outer space
    For example, here it is said that malware that does not survive reboots is easier:
    https://www.the-sun.com/tech/4422746/apple-iphone-warning-noreboot-bug-zecops/

    I did a little search on Pegasus and found out they did have persistence but they seemed to purposefully not do that anymore because that means the malware is also harder to recover by a researcher:
    https://www.amnesty.org/en/latest/r...ology-report-how-to-catch-nso-groups-pegasus/

    https://github.com/mvt-project/mvt/issues/321#issuecomment-1341789140
     
  12. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,222
    Location:
    Member state of European Union
    Good explanation, thanks.
    Anyway, companies supplying nation-states don't choose to persist across reboots to not reveal their weaponry, to not lose precious exploits. As a non-VIP I still won't worry so much about persistence across reboots until proven otherwise.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    OK, then I guess it depends on how you're using iOS, and it's a matter of taste. For example, NoScript has always been a joke to me, because it breaks about 98% of all websites, that's not what I call smart security.
     
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,907
    Location:
    Slovenia, EU