This is borderline negligence for the lack of authentication and security of the app. I suppose it may just be a matter of time until someone figures out how to get access to other more critical systems in the vehicle, similar to the Tesla vulnerability from last year. It took the Tesla security researchers less than a year from when they found they could access the sound and climate systems (over similar cellular networks) to being able to flash custom firmware on-the-fly and take control of steering and acceleration / braking.
"When people die in huge crowd 'stampedes', it's rarely from being trampled, it's from being crushed and suffocated (while still standing) by densely packed bodies."
That article is two weeks old. 10.10.5 was released 3 days ago, and the fix is mentioned in the release notes (under dyld): https://support.apple.com/en-us/HT205031
They were able to remotely flash the firmware while the vehicle is being driven down the highway and there's not really anything the passengers can do while it's happening. They are able to control other components like the audio system without needing to flash anything.
You are correct. It runs with system and graphics privileges on many devices. It is a native service started at system init and is automatically restarted if it crashes.
This specific exploit can be initiated whenever metadata for an MP4 file is processed. Disabling auto-download of MMS is an important first step workaround. Be cautious with any untrusted media files on your Android device. Simply creating the thumbnail preview image is enough to silently trigger privileged code execution.
Thanks for not returning my call Casey.
Fuck off.