
> Most message attachment types other than images are blocked.

Who wants to bet that this reflects minimum requirements dictated for user experience, rather than reflecting what Apple are actually securing today?

The correct model here, the one that would actually defeat these adversaries, is to start with what you can actually secure and expand from there, prioritising customer needs. This delivers security improvements for all customers, but it makes the calculus simple for Lockdown customers: whatever Lockdown allows will be OK.

Suppose today Apple has a working safe BMP reader, and a working safe WAV reader, but they're still using their ratty JPEG and MP3 implementations. As described, this feature says you can receive a JPEG attachment (which takes over your phone and results in your cousin who remains in the country being identified as a contact and imprisoned) but you can't listen to the WAV file an informant sent you because that's "dangerous"...



I find it absolutely hilarious that they've kept the images in Messages while one of Pegasus's attack vectors was sending a PSD file as a *.gif, which crashed the Messages parser.

Apple is overconfident in its ability.

https://arstechnica.com/information-technology/2021/09/apple...

People who need this already have a dumb phone; using this Lockdown mode is an unnecessary gamble on their part.


Yeah, Apple really should dumb down that parser to just “modern” jpg/png/webp for their entire application stack. BMPs and GIFs shouldn’t still be used. And Photoshop is a bit proprietary for Apple to be rendering their files within iMessage.
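The two comments above describe a file whose contents do not match its extension and propose a jpg/png/webp allowlist; the sketch below is an example added to this page, not code from any commenter or from Apple, showing a gate that classifies an attachment by its leading bytes and refuses anything mismatched or off the list before a decoder is chosen. The function names, the signature table and the sample bytes are assumptions made for illustration, and passing the gate only limits which parser is reachable; it says nothing about that parser's safety.

```python
import os

# Leading-byte signatures for the formats named in the thread.
SIGNATURES = [
    ("jpeg", b"\xff\xd8\xff"),
    ("png", b"\x89PNG\r\n\x1a\n"),
    ("gif", b"GIF87a"),
    ("gif", b"GIF89a"),
    ("bmp", b"BM"),
    ("psd", b"8BPS"),
]
EXTENSIONS = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".webp": "webp",
              ".gif": "gif", ".bmp": "bmp", ".psd": "psd"}
ALLOWED = {"jpeg", "png", "webp"}  # the allowlist proposed in the last comment


def sniff(data: bytes):
    """Return the format implied by the leading bytes, or None if unknown."""
    # WebP is a RIFF container: "RIFF", a 4-byte size, then "WEBP".
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "webp"
    for name, magic in SIGNATURES:
        if data.startswith(magic):
            return name
    return None


def gate(filename: str, data: bytes):
    """Return (accept, reason); call this before any decoder sees the bytes."""
    declared = EXTENSIONS.get(os.path.splitext(filename)[1].lower())
    actual = sniff(data)
    if actual is None:
        return False, "unrecognised content"
    if declared != actual:
        return False, f"extension says {declared}, content is {actual}"
    if actual not in ALLOWED:
        return False, f"{actual} is not on the allowlist"
    return True, f"route to the {actual} decoder only"


if __name__ == "__main__":
    # Constructed sample attachments: a few header bytes plus padding.
    samples = {
        "holiday.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "funny.gif": b"8BPS\x00\x01" + b"\x00" * 16,   # PSD bytes, .gif name
        "old.gif": b"GIF89a" + b"\x00" * 16,           # genuine GIF, not allowed
    }
    for name, blob in samples.items():
        print(name, gate(name, blob))
```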



