Persistence as a security boundary should be a goal of all modern operating systems. When breaking down costs/time spent during redteam ops, gaining persistence on integrity protect partitions is a top cost driver for attackershttps://twitter.com/lorenzofb/status/1229798896051904512 …
-
-
We can't presume a gov't only needs access once or that the time in which they can deploy the exploit is the same time in which they need access to the device. All we know is the goal is to gain access, not for what reason or how long.
-
Um.... Isn't presuming how long an attacker requires *exactly* what you're doing? I'm saying, that they achieved full compromise, why do you presume that isn't sufficient?
- 3 more replies
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I think it’s somewhere in between. Maybe they DO want access, because they want to delete that SMS auth message before you see it. Or want to track things in the present or future (like location or audio). Or pre-position for a future need. Not always read and exit.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Totally agree, 0-click non-persistent is even better in case the attacker wants to stay stealth or just dump the data. And if not, he can just reexploit it vuln as long as it's not patched
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
