• jard@sopuli.xyz
    link
    fedilink
    arrow-up
    10
    arrow-down
    1
    ·
    edit-2
    11 months ago

    I honestly have to hand it to the kid who discovered this in the first place.

    Man’s still in high school, yet managed to find a high profile iMessage exploit while doing something he clearly enjoyed doing, knew the full value of what he’s discovered, sold it off to a company he likely surmised was frothing at the mouth for technology like this, and walked away with a huge wad of cash at the end of the day. He’s easily going places.

    • Graphine@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      11 months ago

      It wasn’t really a hack though so much as it manipulated the way it identifies itself to Apples servers. Apple obviously changed something there in retaliation so it’s not working now, but depending on the severity of the change they could get around this.

      Honestly though it won’t last long. Eric has a history of being overly ambitious and it’s why Pebble failed.

      • jard@sopuli.xyz
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        11 months ago

        I detailed it in a previous comment of mine, but it spoofs an identity request by pretending to be an early M1 MacBook whilst providing fake validation data from an old Intel-era macOS library. Apple servers then believed it was a real MacBook and handed over all encryption keys needed to establish E2EE communication over iMessage.

        Hack or not a hack, it most definitely is a weird edge case scenario (the specific combination of new MacBook model with old validation data) which is probably why it all worked to begin with.