NSO has an infinite supply of exploits for pretty much every platform. It doesn't really matter what you run; if you are a high-profile target and don't take active counter-measures, you will be hacked. That's not what I am talking about.
Instead, some things that have everyday practical relevance for me:
- read-only mounted system volume that prevents me from making stupid mistakes and accidentally sudo rm important files
- application certificates
- all executables being code-signed to prevent tampering
- built-in zero-knowledge password manager with automatic synchronization across all my devices
- full hardware insulation for DMA devices on Apple Silicon
What are you talking about? You have nothing to hide?
You are so addicted to Apple's "solution" that as a tech savvy professional you cannot "countermeasure" against.
Practical? What is practical in knowing that your trusted computing device is an easy target? Did you not understand that "power of association" with a high-profile target by false positive will ruin your life forever? And these "automated" processes will be "included" in all commercially viable OSes.
IDK, but sticking with FOSS and practical knowledge looks like a better solution than trusting "whatever magical <Big Corporation>" tech.
But who am I to question the Apple fetishists of the current day? After all, in the past I was in this camp. So be happy with whatever "rationalization" you come up with. Everything is fine and dandy, the Big Apple is taking care of you.
Easy target as in „having an adversary that has millions of dollars to pay a company specialized in device hacking“? I think I’ll live. The idea that using FOSS makes you more secure is naive at best.
Using FOSS makes me more secure because of how I use it.
Because of the availability of control surface, absent in Windows and macOS, and most importantly the kernel access. Yep, there are security problems in any OS, but to compare a custom-built Gentoo with your beloved Apple toy, please grow up :) Your argument is funny and nonfactual.
To trust that a company which publicly cooperates with oppressive governments and creates on-device scanning software, breaching all "privacy" promises, is helping with your security is absurd.
I have used exclusively Apple computers since the early 2000s, and can pinpoint the moment in which all that I loved ended.
The moment when the iPhone was born.
Since then, fighting with Apple telemetry was "business as usual"; the existence of Little Snitch is all the proof that you need.
Not sure why you're being downvoted, you're right. HN commenters just love to take every opportunity to hate on Apple.
Nobody said Apple's security is perfect. People's views are simply biased because when Apple's much tighter security is breached, of course it will make headlines everywhere. Windows and Android have far more malware, but you won't see headlines about it every single day.
Either way, unless you're a journalist, politician or some other high-value target, you're pretty unlikely to be targeted by exploits like the NSO one. But if you don't care about jailbreaking, you can still update your device to give yourself peace of mind.
Zero days are more expensive for Android than for iOS. That says something when Android is much more likely to be used by a target. Android security is broken but it is generally better than what Apple does.
Normally, if a platform has relatively low market share, the value of an exploit is relatively low (i.e., 15% market share is pretty low). An Android exploit gets you 85% of your market, maybe even more internationally where these get heavily used.
Android is about $30K per point market share and iOS is around $130K per point market share (4x more).
For example, it's not that Exchange / Outlook are HARDER to get an RCE on that makes the payout so high for those, it's because they have a LOT more usage than something like postfix etc.