Its literally part of there constitution that they don't have elections whilst they are at war, and from a practical standpoint how would it even work for territories on the front line or under occupation?.

On non-jailbroken platforms you generally do this with a developer certificate.

You can find details here

>https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zer...

Vulnerabilities in third party apps that are used to install Pegasus Apple has less control over.

Wow this is super interesting I noticed this paragraph in the text.

> 2013, Enabling for Encryption Chips: In the NSA's budget request documents released by Edward Snowden, one of the goals of the NSA's SIGINT project is to fully backdoor or "enable" certain encryption chips by the end of 201311. It is not publicly known to which encryption chips they are referring.

From what I know Cavium is one of these "SIGINT enabled" chip manufactures.

> https://www.electrospaces.net/2023/09/some-new-snippets-from...

>> "While working on documents in the Snowden archive the thesis author learned that an American fabless semiconductor CPU vendor named Cavium is listed as a successful SIGINT "enabled" CPU vendor. By chance this was the same CPU present in the thesis author's Internet router (UniFi USG3). The entire Snowden archive should be open for academic researchers to better understand more of the history of such behavior." (page 71, note 21)

> https://www.computerweekly.com/news/366552520/New-revelation...

Unfortunately the relevant text for the second is pretty long so I dont wanna quote it.

I think we are nearly certain that the bug is because of a MMIO accessible register that allows you to write into the CPU's cache (its nearly certain this is related to the GPU's coherent L2 cache).

But I don't think it's 'incomprehensible' that such a bug could exist unintentionally. Modern computers and even more so high end mobile devices are a huge basket of complexity that has so many interactions and coprocessors all over the place I think it's very likely that a similar bug exists undiscovered unmitigated.

> For instance any iPhone could be completely controlled remotely after sending to it an invisible iMessage message.

I don't think the iMessage was invisible I think it deleted itself once the exploit had run, its also worth noting just how complicated the attack chain was and that the attacker _needed_ a hardware bug just to patch the kernel whilst having kernel code execution.

https://robert.sesek.com/2014/10/nsa_s_eci_compartments.html

> HISTORY HST NCSC (TS//SI//NF) Protects NSA and certain commercial cryptologic equipment manufacturer relationships.

Reporting via a third party isn't super unusual if you think that a organisation may be a bit legal threat happy from your report.

AMD uses ARM for its PSP as well which is more than just a TPM.

But afaik it also matters what type of license AMD has.

AMD would be need an ARM architecture license (like Apple has). This license allows you to do whatever you want with the chip (such as adding a x86 style memory model).

The downside to the architecture license is you have clean room design the chip entirely.

Mistakes happen, maybe it's used in the manufacturing or fab phase to test something. Maybe it's used by the GPU firmware itself to perform some operations.

Maybe it was used by some older SoCs to do something and was just never removed.

Apple may not be a small family business but silly mistakes still happen all over the place in nearly every large system.

To quote another post by macran cause I feel like it's super relevant when trying to analyse how this kind of stuff comes about.

@nicolas17 @nil Correct. The question is, how many more of these fun bypasses are left undiscovered? The GPU is a huge amount of hardware and firmware.

Computers are so incredibly complicated now days that these kinds of hardware bugs are likely sitting around elsewhere as well, they don't come around that often because the amount of effort required to find them is likely a lot, which is likely only viable for a nation state actor.

I really doubt it's a backdoor after reading the blog post and this thread chain from a prolific M1 MacBook hacker (macran) I think it was just an unused or very rarely used feature that was left enabled by accident.

https://social.treehouse.systems/@marcan/111655847458820583

Some choice quotes.

First, yeah, the dbgwrap stuff makes perfect sense. I knew about it for the main CPUs, makes perfect sense it'd exist for the ASCs too. Someone had a lightbulb moment. We might even be able to use some of those tricks for debugging stuff ourselves :)

Second, that "hash" is almost certainly not a hash. It's an ECC code*. I bet this is a cache RAM debug register, and it's writing directly to the raw cache memory array, including the ECC bits, so it has to manually calculate them (yes, caches in Apple SoCs have ECC, I know at least AMCC does and there's no reason to think GPU/ASC caches wouldn't too). The "sbox" is just the order of the input bits to the ECC generator, and the algorithm is a textbook ECC code. I don't know why it's somewhat interestingly shuffled like that, but I bet there's a hardware reason (I think for some of these things they'll even let the hardware synthesis shuffle the bits to whatever happens to be physically optimal, and that's why you won't find the same table anywhere else).

The irony here being that no one promised anything to Russia regarding in any actionable way.

But Russia has multiple treaties where they say they will respect the borders and sovereignty of Ukraine.

If those treaties don’t matter to Russia why should any made up promises regarding NATO matter to anyone else.

>https://www.nytimes.com/2023/10/24/world/middleeast/gaza-hos...

I did and this doesn’t sound very “conclusive” at all

>> The Times’s finding does not answer what actually did cause the Al-Ahli Arab Hospital blast, or who is responsible.

>https://twitter.com/QudsNen/status/1718547315764441095

This tweets main source appears to the GreyZone which is a pro Russian propaganda rag that mostly peddles in misinformation I wouldn’t find it credible.

https://www.berlin.de/en/museums/3977291-3104050-spy-museum-...

I haven't seen anything that showed any conclusive proof that the rocket came from Israel, the blast pattern doesn't match any armaments that Israel has airburst or not.

I'm happy to change my mind with a link that provides concrete evidence though, can you provide one.

I think you will find its Russia who invaded, and Russia alone is the one who decided this.

No one else did, everyone else wanted peace, Russia alone wants war.

We have pictures of dead babies from the October raid by Hamas, this is based in reality and is not made up.

But Ukraine is literally using services from a SAR satellite right now, which is run by a private business.

https://www.universetoday.com/157208/ukraine-crowdfunded-a-1...

And yet theres 0 noise or even evidence anyones even thinking of blowing it out of the sky.