Talk:Security and privacy of iOS

Apple Inc. High‑importance

	This article is within the scope of WikiProject Apple Inc., a collaborative effort to improve the coverage of Apple, Mac, iOS and related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Apple Inc.Wikipedia:WikiProject Apple Inc.Template:WikiProject Apple Inc.Apple Inc.
High	This article has been rated as High-importance on the project's importance scale.

Technology

This article is within the scope of WikiProject Technology, a collaborative effort to improve the coverage of technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.TechnologyWikipedia:WikiProject TechnologyTemplate:WikiProject TechnologyTechnology

Computing: Software / Security

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing

???

This article has not yet received a rating on the project's importance scale.

This article is supported by WikiProject Software.

This article is supported by WikiProject Computer security.

Things you can help WikiProject Computer security with:

Article alerts are available, updated by AAlertBot. More information...

Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Neutrality

Latest comment: 3 months ago6 comments3 people in discussion

Right now this article is how great iOS is. I think we should add some criticism here, like in Android security Stumbling9655 (talk) 20:45, 5 April 2025 (UTC)Reply

We should definitely add more criticism to this page. Especially about practice of giving iMessage and other Apple-bassed apps excessively high system privileges instead of the proper sanboxing, that allows malwares like Pegasus execute 0-click exploits. Tisykfylde (talk) 10:45, 20 April 2025 (UTC)Reply

Oh, and also about shared WebKit across all apps. That's a HUGE security concern, that was mentioned 0 times in this page. Tisykfylde (talk) 10:53, 20 April 2025 (UTC)Reply

We shouldn't be deliberately adding criticism for the sake of adding criticism. Then there would be two NPOV problems. Information should be covered proportionally to how it appears in the sources and sorted by topic. Just provide the facts without saying whether they're good or bad. Thebiguglyalien (talk) 🛸 04:25, 11 May 2025 (UTC)Reply

@Thebiguglyalien The problem is cherry picked facts. And it's good to have editors with different opinions, no? Stumbling9655 (talk) 05:13, 11 May 2025 (UTC)Reply

The point is not to add criticism for the sake of criticism. The point is to show the real state of the system's security, without rose-colored glasses, to avoid spreading misinformation and evoking a sense of false security among its users.

As for the sources, this articles discuss why shared WebKit is a serious vulnerability that has already been exploited in many zero-day exploits, and why Apple's low-transparency policy regarding security issues creates numerous problems:

https://medium.com/@techscribecentral/apples-webkit-exploit-a-deep-dive-into-cve-2025-24201-and-its-implications-e4e770873dbb

These articles mention how deep integration of iMessage and similar apps into the ios system, along with their extensive complexity, has lead to vulnerability exploits. And how Apple is trying to fix that:

https://www.protectstar.com/en/blog/iphone-zero-click-exploits-how-they-work-and-how-to-protect-yourself

https://www.wired.com/story/apple-imessage-security-improvements/ Tisykfylde (talk) 14:35, 17 May 2025 (UTC)Reply

Add topic