I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

  • Steamymoomilk@sh.itjust.worksEnglish
    141·
    5 days ago

    Cool and who validates the code base for security vulnerability? And sends tons of packets related to tracking back to there servers?

    • spv.sh@lemmy.spv.shEnglish
      14·
      5 days ago

      the codebase itself? besides XNU, nobody… but, given the immense amount of scrutiny placed on the software, if there was some magic backdoor (an intentional one, anyway, not talking about like NSO group RCEs 'n shit), don’t you think we’d know?

      the average person doesn’t even know what grapheneos is. if they’re either going to buy an iphone, or some generic android phone running a vendor kernel that hasn’t been patched this administration, i’d want them to buy the iphone.

        • spv.sh@lemmy.spv.shEnglish
          3·
          5 days ago

          moi: “not talking about like NSO group RCEs 'n shit”

          tu: “how do you think pegasus works”

          you could have at least picked a different cyberwarfare company…

          by that logic, every OS under the sun has massive backdoors. bugs exist, man. my point was that for the average person, a fully-patched ithing is going to be among the more secure options.

        • Drunk & Root@sh.itjust.works
          1·
          4 days ago

          wasn’t Pegasus attack vector sms how is it a OS issue if its a protocol its the same as saying Linux is insecure because xmpp had a vulnrabilty and allowed remote access

          • spv.sh@lemmy.spv.shEnglish
            1·
            3 days ago

            depends on the chain in question. some used iMessage as a way in, but (at least in the case i’m thinking of rn) it was only used to trigger an image parsing bug. in others, sms was used to trick someone into clicking a link, exploiting a bug in JavaScriptCore.