Readit News logoReadit News
whitepoplar commented on Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware   theregister.com/2026/02/1... · Posted by u/beardyw
j45 · 8 hours ago
It appears the iPhone Air and iPhone 16e are the only devices with the Apple radio basebands so far.

https://theapplewiki.com/wiki/C4000

whitepoplar · 8 hours ago
16e still uses a Broadcom chip for WiFi + Bluetooth, though. iPhone Air is currently the only iPhone that uses both Apple-designed baseband + WiFi/BT chips.
whitepoplar commented on An Update on Heroku   heroku.com/blog/an-update... · Posted by u/lstoll
asenchi · 5 days ago
Well many of them you may know in that they made their way into so many systems (though arguably without the refined UX of Heroku) but the two that come up the most and I am teaching others:

* The simpler the interface for the user, the more decisions you can make behind the scenes. A good example here is "git push heroku". Not only is that something every user (bot or human) can run, it is also easy to script, protect, and scale. It keeps the surface area small and the abstraction makes the most sense. The code that was behind that push lasted for quite some time, and it was effectively 1-2 Python classes as a service. But once we got the code into our systems, we could do anything with it... and we did. One of the things that blows my mind is that our "slug" (this is what we called the tarballs of code that we put on the runtimes) maker was itself a heroku app. It lived along side everyone else. We were able to reduce our platform down to a few simple pieces (what we called the kernel) and everything else was deployed on top. We benefited from the very things our customers were using.

* NOTE: This one is going to be hard to explain because it is so simple, but when you start thinking about system design in this way the possibilities start to open up right in front of you. The idea is that everything we do is effectively explained as "input -> filter -> output". Even down to the CPU. But especially when it comes to a platform. With this design mentality we had a logging pipeline that I am still jealous of. We had metrics flowing into dashboards that were everywhere and informed us of our work. We had things like "integration testing" that ran continuously against the platform, all from the users perspective, that allowed us to test features long before they reached the public. All of these things were "input" that we "filtered" in some way to produce "output". When you start using that "output" as "input" and chaining these things together you get to a place where you can design a "kernel" (effectively an API service and a runtime) and start interacting with it to produce a platform.

I remember when we were pairing down services to get to our "kernel" one of the Operations engineers developed our Chef so that an internal engineer needed maybe 5-7 lines of Ruby to deploy their app and get everything they needed. Simple input, that produced a reliable application setup, that could now get us into production faster.

Anyways, those are just a couple.

whitepoplar · 8 hours ago
Thank you so much for this!
whitepoplar commented on Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware   theregister.com/2026/02/1... · Posted by u/beardyw
walterbell · 8 hours ago
My iOS devices have been repeatedly breached over the last few years, even with Lockdown mode and restrictive (no iCloud, Siri, Facetime, AirDrop ) MDM policy via Apple Configurator. Since moving to 2025 iPad Pro with MIE/eMTE and Apple (not Broadcom & Qualcomm) radio basebands, it has been relatively peaceful. Until the last couple of weeks, maybe due to leakage of this zero day and PoC as iOS 26.3 was being tested.
whitepoplar · 8 hours ago
Are you a person of high interest? I was under the impression that these sorts of breaches only happen to journalists, state officials, etc.
whitepoplar commented on Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware   theregister.com/2026/02/1... · Posted by u/beardyw
dudeinhawaii · 9 hours ago
So the exploiters have deprecated that version of spyware and moved on I see. This has been the case every other time. The state actors realize that there's too many fingers in the pie (every other nation has caught on), the exploit is leaked and patched. Meanwhile, all actors have moved on to something even better.

Remember when Apple touted the security platform all-up and a short-time later we learned that an adversary could SMS you and pwn your phone without so much as a link to be clicked.

KSIMET: 2020, FORCEDENTRY: 2021, PWNYOURHOME, FINDMYPWN: 2022, BLASTPASS: 2023

Each time NSO had the next chain ready prior to patch.

I recall working at a lab a decade ago where we were touting full end-to-end exploit chain on the same day that the target product was announcing full end-to-end encryption -- that we could bypass with a click.

It's worth doing (Apple patching) but a reminder that you are never safe from a determined adversary.

whitepoplar · 8 hours ago
How much do you think Lockdown Mode + MIE/eMTE helps? Do you believe state actors work with manufacturers to find/introduce new attack vectors?
whitepoplar commented on An Update on Heroku   heroku.com/blog/an-update... · Posted by u/lstoll
asenchi · 6 days ago
It remains the greatest engineering team I've ever seen or had the pleasure to be a part of. I was only there from early 2011 to mid 2012 but what I took with me changed me as an engineer. The shear brilliance of the ideas and approaches...I was blessed to witness it. I don't think I can overstate it, though many will think this is all hyperbole. I didn't always agree with the decisions made and I was definitely there when the product stagnation started, but we worked hard to reduce tech debt, build better infrastructure, and improve... but man, the battles we fought. Many fond memories, including the single greatest engineering mistake I've ever seen made, one that I still think about until this day (but will never post in a public forum :)).

It was a pleasure working with you bgentry!

whitepoplar · 5 days ago
Tell us more about some of these ideas and approaches that changed you as an engineer! We'd love to hear!
whitepoplar commented on Apple Platform Security (Jan 2026) [pdf]   help.apple.com/pdf/securi... · Posted by u/pieterr
whitepoplar · 12 days ago
Given that A19 + M5 processors with MIE (EMTE) were only recently introduced, I wonder how extensively MacOS/iOS make use of the hardware features. Is it something that's going to take several years to see the benefit, or does MIE provide thorough protection today?
whitepoplar commented on GrapheneOS is the only Android OS providing full security patches   grapheneos.social/@Graphe... · Posted by u/akyuu
morserer · 2 months ago
This is true, and important. Thanks for the reminder.

The list linked above (and the price tag deduced from it) is restricted to unlocked phones only for this reason.

whitepoplar · 2 months ago
There's no way to easily tell that those phones have unlocked bootloaders, though. Ex-Verizon phones may be completely carrier unlocked, will work on any network, and still have locked bootloaders. This isn't an issue for anyone running stock Android, but will restrict those phones from being used to run GrapheneOS.
whitepoplar commented on GrapheneOS is the only Android OS providing full security patches   grapheneos.social/@Graphe... · Posted by u/akyuu
morserer · 2 months ago
Goodness, friend, where were you looking?

A used 256GB Pixel 8 in good condition is $320. https://swappa.com/listings/google-pixel-8?carrier=unlocked&...

whitepoplar · 2 months ago
One caveat--you have to be certain that you get a Pixel with an unlocked bootloader. There are a lot of Pixels (mostly sold by Verizon) that are unlocked for use with any carrier, but whose bootloaders remain locked. If you have one of these ex-Verizon phones, there is no way as of now to unlock the bootloader.
whitepoplar commented on Unpowered SSDs slowly lose data   xda-developers.com/your-u... · Posted by u/amichail
kvemkon · 3 months ago
Does the refresh procedure take place at all?
whitepoplar · 3 months ago
I would hope so.
whitepoplar commented on Unpowered SSDs slowly lose data   xda-developers.com/your-u... · Posted by u/amichail
fairfeather · 3 months ago
A full read would do it, but I think the safer recommendation is to just use a small hdd for external storage. Anything else is just dealing with mitigating factors
whitepoplar · 3 months ago
Thanks! I think you're right about just using an HDD, but for my portable SSD situation, after a full read of all blocks, how long would you leave the drive plugged in for? Does the refresh procedure typically take a while, or would it be completed in roughly the time it would take to read all blocks?
w

u/whitepoplar

KarmaCake day4888October 6, 2016
About
Say hi: sierpinski9321 [at] gmail.com
View Original