jiska

I'm reading a bunch of Coruna reports after dinner because I am a cool person who knows how to party. Of particular interest: not only does Coruna not work against iOS in lockdown mode, but if it even detects lockdown mode running, it bails. This is why I talk about lockdown mode so damn much.

Apple Sued by West Virginia for Allegedly Allowing CSAM Distribution Through iCloud West Virginia's Attorney General JB McCuskey today announced a lawsuit against Apple, accusing the company of knowingly allowing iCloud to be used to distribute and store child sexual abuse material (...

Here we go again with iCloud photo scanning. www.macrumors.com/2026/02/19/a...

YouTube video by jiska [0x12] Reversing Shorts :: AirDrop on Android?!

Google's Pixel 10 supports Apple's AirDrop protocol. Curious about how they did this? Let's take a look!

youtu.be/qBsNoa0FOPw

YouTube video by jiska [0x12] Reversing Shorts :: AirDrop on Android?!

Google's Pixel 10 supports Apple's AirDrop protocol. Curious about how they did this? Let's take a look!

youtu.be/qBsNoa0FOPw

Call History Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later Impact: A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions Description: A logic issue was addressed with improved checks. CVE-2026-20638: Nils Hanff (@nils1729@chaos.social) of Hasso Plattner Institute

Wallet We would like to acknowledge Aaron Schlitt (@aaron_sfn) of Hasso Plattner Institute, Cybersecurity - Mobile & Wireless, Jacob Prezant (prezant.us), Lorenzo Santina (@BigNerd95) and Marco Bartoli (@wsxarcher) for their assistance.

Two students I supervised in today's iOS release notes 🎉🎉🎉
support.apple.com/en-us/126346

WOOT '26 Call for Papers The 20th USENIX WOOT Conference on Offensive Technologies (WOOT '26) will take place at the Baltimore Marriott Waterfront in Baltimore, MD, USA, on August 10–11, 2026. The USENIX WOOT Conference aims ...

The Cycle 2 deadline for the USENIX WOOT Conference is in ~ 3 weeks (March 3, 2026)!

WOOT continues to include both a Systematization of Knowledge (SoK) track and an Up-and-Coming track (industry-focused).

Details are available in the Call for Papers:
www.usenix.org/conference/w...

YouTube video by jiska [0x11] Reversing Shorts :: macOS "Private" Window Picker

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

youtu.be/P7hYg2GpsTk

YouTube video by jiska [0x11] Reversing Shorts :: macOS "Private" Window Picker

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

youtu.be/P7hYg2GpsTk

Share your videos with friends, family, and the world YouTube

Last weekend, Telekom changed their network name from "Telekom.de" to "Im besten Netz." 📶

Curious about how they did this? Will more ad campaigns follow? And what can you do to change it back?

More details in this video: youtu.be/-PchHdFhl5M

The new AirTags 2 just arrived!

Time to take them apart 🧵

Don't miss out on Jiska Classen's - @naehrdine.bsky.social - training on "Practical iOS Reverse Engineering" at #OffensiveCon26

Find more details here🔗https://buff.ly/psTxdyG

A Glimpse Into DexProtector | Romain Thomas This blog post provides a high-level overview of DexProtector's security features and their limitations

I reverse engineered DexProtector, the security solution protecting applications like Revolut and other banking apps.

From custom ELF loaders to vtable hooking, here is an insight into how these protections work and their limitations.

www.romainthomas.fr/post/26-01-d...

Cracking open what makes Apple's Low-Latency WiFi so fast This talk presents Apple's link-layer protocol Low-Latency WiFi and how it achieves its real-time capabilities to enable Continuity featu...

The Apple LLW recording is already available: media.ccc.de/v/39c3-crack...

[39c3] Cracking open what makes Apple's Low-Latency WiFi so fast Apple's Continuity features make up a big part of their walled garden. From AirDrop and Handoff to AirPlay, they all connect macOS and iOS devices wirelessly. In recent years, security researchers hav...

Want to know how Apple's Low Latency WiFi works?

Today, 3:40pm CET, Hall 1, #39c3.

More details: events.ccc.de/congress/202...
Stream: streaming.media.ccc.de/39c3/one

In 2026, Jiska Classen - @naehrdine.bsky.social - returns to OffensiveCon with a training on "Practical iOS Reverse Engineering". More details here🔗https://buff.ly/psTxdyG

🚀 Don't miss this chance to improve your skills—sign up now!

WOOT deadline approaching 👀

This is Limburg BE, not NL - though they are pretty close.

www.bsides-limburg.be/home

GrapheneOS released some innovative mitigations prior to Apple. Yet, it needs Big Tech to apply such ideas and make phones more secure at scale.

Using an iPhone 17, which now also ships with EMTE, Inactivity Reboot, SPTM, TXM, Conclaves, ...? — Oh, just the average Apple fangirl/boy who gets a new device every year due to camera improvements. ✅

GrapheneOS im Visier der Strafverfolgung Quelle der Bedenken scheinen Berichte mehrerer französischer Medien zu sein, darunter einer der Tageszeitung Le Parisien. Darin wird GrapheneOS als "Geheimwaffe" bezeichnet, mit der Drogenhändler und andere Kriminelle ihre Daten vor der Polizei schützten. Dass sich das Betriebssystem im Vergleich zum Standard-Android besonders schwer knacken lässt, hatte zuletzt eine geleakte Präsentationsfolie des Forensikdienstleisters Cellebrite gezeigt.

Using a Pixel with GrapheneOS that features Inactivity Reboot, MTE, and more? — You must be a drug dealer. 🚨

A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever—along with profile photos and more.

Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for more than a third, the biggest personal data exposure ever by some measures. www.wired.com/story/a-simp...

Binary Ninja 5.2, Io, is live and it's out of this world! binary.ninja/2025/11/13/b...

With some of our most requested features of all time including bitfield support, containers, hexagon, Ghidra import, and a huge upgrade to TTD capabilities, plus a ton more, make sure to check out the changelog!

USENIX WOOT Conference 2026: two submission deadlines this year!

- Cycle 1: December 12, 2025 *only one month away* !
- Cycle 2: March 3, 2026

WOOT still has a SoK track and an "Up-and-coming track" (~Industry), CFP for details:
www.usenix.org/conference/w...

Dein erster Congress? Die Chaospat:innen sind für dich auf dem 39C3 da! Auch in diesem Jahr sind die Chaospat:innen wieder beim Chaos Communication Congress in Hamburg am Start! Interessierte Mentor:innen und Mentees können sich bis zum 25. November 2025 um 23:59 Uhr…

Dein erster Congress und pures Chaos? Die Chaospat:innen sind für dich da. Melde dich bis zum 25. November. Willkommen sind alle, die den #39c3 offener und vielfältiger machen wollen! events.ccc.de/2025/11/10/3...

OBTS v8.0: Diving into C1 Learn more about my talk “What’s at the Bottom of the Sea, One Baseband? - Diving into the C1” at eight edition of the Objective by the Sea conference.

I just published the slides of my #OBTS v8.0 talk about Apple's #C1 baseband. Our C1 #binja loader is now available on GitHub, and you can find a recording on YouTube.

lukasarnold.de/posts/obtsv8...

39C3 Presale: Modus Operandi Wir freuen uns, euch den Vorverkauf für den diesjährigen Chaos Communication Congress anzukündigen. Der Vorverkauf wird dieses Jahr ziemlich genau ablaufen wie letztes Jahr: Der Vorverkauf wird…

Wir freuen uns, den Vorverkauf für den #39c3 anzukündigen. Im Anschluss an die Voucherphase gibt es zwei offene Verkaufstermine. (Fast) alle Engel erhalten heute eine E-Mail mit Voucher events.ccc.de/2025/10/16/3...

On a Saturday night I stumbled across something on the internet that made me feel like ****** my pants. A giant dataset of real surveillance operations targeting 1000s of people across nearly every country. Unraveling it and the mysterious company behind it has consumed 1.5 years of my life

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves The XNU kernel is the basis of Apple's operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in whi...

Want to know more details on Apple's SPTM, TXM, and Exclaves? Read more on this in the paper based on Moritz Steffin's thesis. Lots of low-level details including their security implications are covered.

arxiv.org/abs/2510.09272

CCC | Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress! Der Chaos Computer Club ist eine galaktische Gemeinschaft von Lebewesen für Informationsfreiheit und Technikfolgenabschätzung.

Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress and please submit! The deadline for all submissions for the stages is October 24. #39C3 will take place from December 27 to 30 www.ccc.de/en/updates/2...

USB Restricted Mode already does that - data lines are disabled when the phone is locked. There's logic to still allow devices to maintain a connection when you connected them while unlocked, making it usable but still increasing security a lot. In Lockdown Mode, the policy is more aggressive.