Probably. Whenever something happens the security services are quick to come up with their wish lists, and the politicians, eager to show the sheeps that they are “doing something! since something must be done!” will pass through whatever until they have enough time to reflect and think.
Cue todays “Leaks” to the press that a Belgian minister suggested that the Paris attackers had use Playstation 4 chat to communicate and some “expert” suggesting that the terrorists were communicating in Call of Duty by spraypainting the secret message with bullet decals…
An arstechnica article about some of the latest info on what kind of intel GCHQ gathers, why and how etc. Quite interesting, and seemingly pretty moderate:
So, the UAE hired a bunch of ex-US government hackers, and this happened. They developed a way to get into any iPhone just by sending a text message. No clicking-on-a-link required.
The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said.
In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.
That sounds like a god-awful wide security issue on iPhones that needs to be patched up. Not working on android also makes me wonder if it’s iMessage related.
A while back there was talk about this issue, related to how iMessage handled URL thumbnails:
But I could also see it somehow related to iCloud, which has had it’s own security issues and is frequently enabled to back up iMessage messages.
EDIT: Hrm … this tidbit from the article seems to point out that it may have been related to that bug, timeline-wise anyway.
It isn’t clear whether the Karma hack remains in use. The former operatives said that by the end of 2017, security updates to Apple Inc’s iPhone software had made Karma far less effective.