They are literally controlled by the same company, “a continued relationship with @Apple.”
Apple wants @CorelliumHQ because they want control 🥴
Have a bigger write up coming. How Apple turns a blind eye, how their research device is bogus and potentially discriminates disadvantaged researchers from ever participating in their bug bounty.
We sent them the vulnerability 4 months ago. They contacted us before the talk assuring us that we wouldn’t mention them, and we said, “sure because it’s not fixed yet.”
The vulnerability was discovered using a virtualized MacOS
This is weird because the SRD is only for iPhones.
@Apple will you release a security research device for the desktop?
Does the Mac security not matter as much as iOS?
I used a jailbroken iPhone to verify and then on old OS via @CorelliumHQ.
Umm #ChipShortage feels like it’s getting WORSE not better 😂 companies are panic buying many popular items on Mouser/Digi-Key...
Should we turn to unsafe supply-chain sourcing?
“... Expected 17/8/2023!”
Hint: good time to open a semi fab 😂!
For those who don’t understand the shortage, open up one of your least favorite smart devices, find the parts on mouser.com and see if it’s out of stock, or “On-Order”, etc.
Also, it should considered a national security risk, by all governments. Desperate companies will turn to shady markets for parts, inducing unneeded supply chain risk. Would be a great time to subsidize some home turf fabs, instead of relying on a handful.