The “security hole” was that this app pretended to be a M1 MacBook Pro with a validation payload generated using a simulated old x86 macOS library. This particular edge case somehow tricked Apple’s servers into thinking that it was a real MacBook Pro it was talking to, and it proceeded to happily generate the encryption keys needed to create iMessage traffic. From there it was a thorough reverse engineering of the iMessage API.
By all intents and purposes, the app was developed using a high profile exploit. The Python POC it was “based” (purchased) off of is still out there for everyone to see.
That’s not to mention it was discovered by a hobbyist high-schooler. Complaints of monopolistic anti-competitiveness aside, you have to admit that’s cool.
The “security hole” was that this app pretended to be a M1 MacBook Pro with a validation payload generated using a simulated old x86 macOS library. This particular edge case somehow tricked Apple’s servers into thinking that it was a real MacBook Pro it was talking to, and it proceeded to happily generate the encryption keys needed to create iMessage traffic. From there it was a thorough reverse engineering of the iMessage API.
By all intents and purposes, the app was developed using a high profile exploit. The Python POC it was “based” (purchased) off of is still out there for everyone to see.
That’s not to mention it was discovered by a hobbyist high-schooler. Complaints of monopolistic anti-competitiveness aside, you have to admit that’s cool.