SoylentNews

Zerodium Temporarily Stops Buying iOS Exploits Because there are Too Many

posted by martyb on Saturday May 16 2020, @12:18AM   
from the missed-your-chance dept.

takyon writes:

Zerodium Temporarily Stops Purchasing iOS Exploits Due to High Number of Submissions

Zerodium this week announced that it will not be purchasing any iOS exploits for the next two to three months due to a high number of submissions. In other words, the company has so many security vulnerabilities at its disposal that it does not need any more.

Zerodium is an exploit acquisition platform that pays researchers for zero-day security vulnerabilities and then sells them to institutional customers like government organizations and law enforcement agencies. The company focuses on high-risk vulnerabilities, normally offering between $100,000 and $2 million per fully functional iOS exploit.

Also at The Register and Wccftech.

Previously: Zero-Day Broker Publishes a Price Chart for Different Classes of Digital Intrusion
Exploit Vendor Drops Tor Browser Zero-Day on Twitter

---

Original Submission

• Unethical barstewards (Score: 4, Interesting) by leon_the_cat on Saturday May 16 2020, @12:30AM

  by leon_the_cat (10052) on Saturday May 16 2020, @12:30AM (#994821) Journal

  https://en.wikipedia.org/wiki/Zerodium [wikipedia.org]

  latest news from their front page
  Apr 17, 2020 - We are always looking for Linux local privilege escalation exploits for CentOS or Debian. The exploit must allow privilege escalation to root from a standard user and must work with x64 systems with a default configuration.

  Wonder how much they sell to organized crime?

• Not possible! (Score: 2) by Grishnakh on Saturday May 16 2020, @02:25AM

  by Grishnakh (2831) on Saturday May 16 2020, @02:25AM (#994846)

  But, but, but... the Apple fans insist that iOS is ultra-secure and so much better than Android!!

• iOS root exploit... iOS root exploit... (Score: 0) by Anonymous Coward on Saturday May 16 2020, @03:25AM (1 child)

  by Anonymous Coward on Saturday May 16 2020, @03:25AM (#994862)

  ↑ ↑ ↓ ↓ ← → ← → B A

  • Re:iOS root exploit... (Score: 2) by PiMuNu on Saturday May 16 2020, @08:43AM

    by PiMuNu (3823) on Saturday May 16 2020, @08:43AM (#994926)

    Double kick combo punch!

    Parent

• ahh. ahh. (Score: 0) by Anonymous Coward on Saturday May 16 2020, @10:25AM (1 child)

  by Anonymous Coward on Saturday May 16 2020, @10:25AM (#994942)

  Someday these people will find out that there is no security, not even on theoretical level.
  Information does not work that way.

  Even if the logic of a piece of software or hardware is not modifiable, unexpected and carefully crafted combinations of logic and changes to the _meaning of signifiers_ that the logic is made of destroy every intentional design, every time.

  I believe it not possible for a human or an arbitrarily large group of humans to map the complete space of what compiled executable or a chip of any complexity actually does, since many many things that it eventually can be persuaded to do are veiled, like... gadgets in the binaries or all them fancy Intel cpu attacks, for example.

  • Re:ahh. (Score: 0) by Anonymous Coward on Saturday May 16 2020, @06:43PM

    by Anonymous Coward on Saturday May 16 2020, @06:43PM (#995097)

    ^^^ What they said!

    Parent

• Societial dregs Societial dregs (Score: 0) by Anonymous Coward on Saturday May 16 2020, @05:18PM (1 child)

  by Anonymous Coward on Saturday May 16 2020, @05:18PM (#995051)

  There are a number of jobs where I wonder how one could do them and look themselves in the eye in the mirror in the morning. These guys fall into that bin for me.

  • Re:Societial dregs (Score: 0) by Anonymous Coward on Saturday May 16 2020, @10:28PM

    by Anonymous Coward on Saturday May 16 2020, @10:28PM (#995161)

    There was one supposed one on here. Basically an ultrapatriot who thought browns being glassed by drone strikes is swell.

    Parent