@alecmuffett On devices where updates bring antifeatures (e.g printers newly banning 3ed party ink) people have long known to block updates.
Under these scenarios, you get a known good snapshot OS and KEEP IT. If the device cannot be defended against hackers except by periodic factory reset, stop using it for shopping, banking, or secure communication.
@LukefromDC
The problem is that Apple is between a hard place and bad place.
They literally brag how they their platform under their thumb. So whenever little fascist states decide upon stupid ideas they need to implement, it's the China CCP scenario again and again: Apple needs to deliver and deliver promptly.
And because they have their platform nailed down like that, it's just a question of time till they'll start forcing upgrades on devices that are "not legal".
@LukefromDC
The reality bad part of the "force device manufacturers to break devices by law" is that the different jurisdictions can potentially force manufacturers to change their designs globally.
So then to end up with devices and software being shipped with hundreds of binary blobs for "age verification", "id checking" provided by authorities dormant. Absolutely brilliant from an ItSec perspective.
Trust us that age verification module from @alecmuffett
the Peoples Republic of North Korea is totally benign, and there is absolutely no legal reason it should not be sitting dormant on the secure mobile phone that President of the United States uses.
Oh sure it's loaded only once during initialisation like all the others to query it off it recognizes itself relevant for the locale.
Totally benign and harmless.
But unused shared libraries are additional attack surface for exploits.
@alecmuffett @LukefromDC
Alec Muffett
LukefromDC
Andreas K