This is not allowed as far as I know, at least on iOS.
iOS apps aren't allowed to run arbitrary code that hasn't been signed by Apple. What goes in the App Store is what runs on your device, and apps are physically incapable of writing data to executable memory. Safari / the built-in JavaScript interpreter (and I guess third-party browsers in the EU) are notable exceptions here, as they need JIT.
Sure, Apple could develop special infrastructure to push fake updates to a predesignated list of targets, but at that point, you don't even need collaboration from Meta, and open source apps like Signal are just as vulnerable.
If Apple was willing to go that way, they wouldn't even need to bother with app updates. Ultimately, your messaging history has to be stored on your device in a way that your device can decrypt, and Apple could just steal that info.
I can't speak to what the situation is like on Android, but I presume similar mechanisms exist.