
Three Buddy Problem
Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA
Oct 24, 2025
Delve into the implications of iOS 26 cutting off crucial forensic tools for identifying iPhone malware. Discover the mystery behind a million-dollar WhatsApp zero-click exploit that fizzled at Pwn2Own. Explore a surreal court case involving a Trenchant developer accused of selling attack secrets to Russia. Unearth tensions as China’s cyber intelligence implicates the NSA in espionage activities. Finally, hear discussions on the need for a structured legal framework for offensive cyber operations in the U.S.
Shutdown.log Was A Silent Witness
- iOS shutdown.log provided a reliable historical process snapshot that aided detection of persistent spyware.
- Removing or truncating it on boot significantly reduces forensic visibility into infections.
Upgrade After Backing Up Logs
- Upgrade to iOS 26 to benefit from security fixes but first export current diagnostic logs.
- Prioritize moving to a harder-to-exploit OS state over clinging to older forensic artifacts.
Private Deals Can Kill Public Exploit Entries
- High-value zero-click exploit authors often prefer private disclosure or contracts over public contest prizes.
- Big vendors can outbid contest payouts by recruiting researchers directly.



