Certificate Trust Settings?

One more thing, about that partial update, yeah I tried deleting several times. No dice. I imagine I would have to reformat the HD and guess who isn’t in the mood to go through that hassle again? Me. I did it one year oooooh about 200 times. I own 7 different iCloud accounts now as well trying to get rid of this crap.

On my kids Mac 27inch there was a gamed file asking for contact permissions that was undeletable from the permissions but it seems like it was patched this latest update and is gone now. There was also an AESserver asking for full file access which I believe is related to remote access and I don’t use that EVER, neither does my kid and she had an ssh-keygen file asking for full disk access(these were deleted but come back after a few days) So yeah lots of weird stuff but right now just focused on the iPhone. Just making sure everything is good and if others have my issue to also comment and figure it out. Maybe the more people see this Apple will take notice.

Yes I read the discussion you in particular had with someone else. i don’t feel your information is completely accurate and I don’t feel your answers were satisfactory to ease my mind. Furthermore, you decided to argue with those people about certificates instead of addressing the more important issues that were being presented.

you have done the same here. I have presented various issues and you chose to only speak about the certificates. If the certificates are fine, great, but several people have the exact same issues as me with the apps and the security so there is something wrong whether the certificates are the same or not. There is a deeper issue that we are all concerned with and I don’t think anyone would care about the certificates if the rest of the information could be put to rest. I would like to wait for someone that is more knowledgeable on the actual remoting into the iPhone and the capabilities to break in. With a daughter that is 13 I think my concerns are extremely grave and I need someone to help me fix this issue and make sure her phone and my phone are not being spied on.

• The issue that the phone is unlocking itself is a bug, please report it.

i will.

• Apps are not installing because of Low Power Mode.

i know. It does it on 100% also. I’ve had iPhones almost 10 years.

• The 'cloud' icon you're seeing means that it is offloaded (the app has been deleted, its data has been kept on your iPhone). To turn it off, go to Settings, scroll down to App Store, then toggle the 'Offload Unused Apps' to 'Off'

i also know this. I was complaining about the apps that WERE offloaded and had NO ICON. So they look like they are on the phone but they are NOT. (Using caps to emphasize not to scream or give attitude) 15.1 update fixed this issue.

• The 9.9 MB update is a partial upgrade that was, and will, never be installed, and you can click on 'Delete Update'.

yeah tried that a bazillion times and nothing. I know my way around the phone quite a bit. So I tried all the regular tricks but no luck.

I’m not novice. I’d say I’m an intermediate to advanced user. This is a little more involved than these responses can cover unfortunately, but thanks anyways!

You sound like me three years ago. That’s how and why I got into Cybersecurity as a hobby. It was a nightmare, and I am still not sure everything is right. It’s also in my network and affects every device but in my case apple deals with it better. I do not connect the windows computer at all to the internet because I do not want any more issues. On Apple it’s not that noticeable. Weird things like what I showed before in photos, but nothing blatantly crazy. I once found diagnostics on my iPhone saying I was jailbroken when I had never done that to my phone.

im going to tell you right now, my advice is dont go crazy. Keep sending bug reports and get on the public betas FOR EVERYTHING. And just keep sending reports. A lot of the stuff I sent in and prioritized as security issues were eventually solved. That is why I don’t notice it as much anymore. I think these are AI malwares and it’s beyond any normal human scope. You are fighting an uphill battle you will never win.

My heart goes out to you because I know exactly what you are going through. I know the feeling of everyone dismissing you when you have legit concerns. It’s rough, but it made my skin way thicker as you can tell from my previous convo. I’m done with naysayers.

We aren’t the only ones. I’ve been submitting bug reports for three years now. Just keep at it. The developers do look at it and do address your concerns. If enough people report it, it gets fixed quicker. Another bit of advice, get on VIrusTotal and Hybrid Analysis. Make accounts and upload any and all suspicious files. Every time you upload to those services it flags the files and sends the info to everyone in the tech community that does antimalware engineering. Those people live to hunt and fix this stuff so it helps a lot.

Forget about telling the companies without the bug reports. No one is gonna listen. That’s when I learned to document the issues and state the issues clearly and without emotion.

if you need any help you can reach out at my gmail address with the username i have her “abandonedmuse” (no quotes) as the username for gmail. I just don’t want to write it out because of the bots. And trust me, you’ll be okay. Getting upset isn’t gonna solve anything. You have to just keep calm and do as much documentation as possible and submit, submit, submit!

Also, learn to cover most of your cameras, speak with no phones or open laptops in the vicinity, turn off wifi when you dont need it, reset your router often by turning it off for 30secs or more, use strong passwords, submit everything you find, update often, get on public betas, get into cybersecurity and reading white papers, learn to read log files and computers language, study up on all malware that’s out there, no password managers on devices ever, (Use a handwritten notebook and write them down and leave the notebook somewhere safe), finally, don’t say or do anything online that could compromise you and your reputation. I’m a saint online now lol

imagine you are always being watched. Think Truman Show and you will greatly improve your life and what you say.

Understand this may be way bigger than we imagine. It seems to me this is surveillance software from a nation state running on neural networks, and the fact we can’t delete it no matter what, tells me probably most people have it and have no clue. Its a theory of mine, but so far I have been right about most of the things I have found.

I have never seen anything like it. Before or since. No one believes me until they see it doing something weird like stop all antivirus software from working or corrupting things I’m working on.

Reach out at the email I said if you need to talk. I know your frustration. Don’t think you are crazy. You aren’t. You’re just observant.

oh also of note Microsoft found three trojans about a year apart. One was called Sirefef.D which is the Zero access trojan. Not sure if that’s what we have on Mac but these trojans affect most OS if they update it. That’s why I leave my windows computers offline permanently.

Apple has never said I have anything but they fix things quietly, and quickly. Microsoft admits it and finds quite a few files whenever it’s all working but they don’t work as fast.

here are some of my favorite photos over the years lol

asian app on windows

virus total insanity from mac files

Chinese registry files on windows

My new MacBook Pro after I had used it for ONE DAY back in 2018.

All the trojans I found over time.

Stay strong. Xoxox

“If you want to ask about the cloud symbol next to apps that is because the apps have been offloaded to make room in storage. Those apps were chosen because they haven’t been used recently. The data for those apps is preserved, but the apps have been removed. When you tap on one it will reload from the app store.”

yes. That’s the basics of how iCloud works. I think you are missing a key detail and that is that some of the apps have a little cloud symbol and some don’t. See after I use an app I immediately put it back in the cloud. Especially more security related applications so that the data remains on my phone but with no access to a way to get to it.

as for your knowledge on cybersecurity, in the latest update there were two remote pathways a person could take. I think you are talking about the good ol days of apple which by now some code is so sophisticated no human could probably keep up with all the exploits. Apple does a great job of securing snd patching but it’s been known for a while, this is one of the most highly coveted and targeted OS to brag that you were able to hack in the market. Ever heard of any of the CIA leaked malware that could get into people’s phones without even being in the same country?

You realize there are literal neural networks out there that are deep machine learning that can exploit right?

I have made malware for a proof of concept that infects you by being around just your speakers for FIU. With ultra sound that you would have never heard. And yeah, we hacked into a MacBook. It was pretty simple. As long as you can access terminal you can do wonders. So please, don’t talk to me like I haven’t read a bazillion white papers and know my stuff. Now do I do this for a living? No. I studied this, but I have since moved on because the time spent in front of a computer was making my eyes bleed. (Not literally but figuratively) I also do not know every single zero day exploit out there currently being shared on github which by the way, are plentiful, if you bother to look.

That’s what I meant. They are not on my phone. Sorry I wasn’t being SPECIFIC. I meant the data gets stored in the cloud. The app yes, gets deleted and redownloaded. I was honestly annoyed at the 5th grade lesson you were trying to give me. So yeah. There’s your answer. In this way the most important data gets uploaded to iCloud, and the app every time I download it again is up to date.

About the bounty, I think they actually caught that exploit not long after, and we were not the first to do it so we had no dibs on it. There was a group that made a software with JS that was called pied piper (yes, like the app from Silicon Valley the show) that had beat us to the punch and done it way better and way slicker than we ever did. We were bad *** but they were better. I believe they are still patching core audio files in this latest release. Trust me if I had the patience to sit and look for exploits I would have been a millionaire by now. It’s grueling work. I did it for Barnes and Nobles and I didn’t even get a thank you letter. I was a bit disheartened after that.

I also want to add that a ton of stuff I have sent them in bug reports back when I used to do the public betas got patched and I have even talked to engineers. They are pretty great and truly try and help.

But I have never prepared the paper work for a whole white paper or bug bounty by myself. The other POC I did was with a group of 9. Maybe one day I will get back into it. I just do it as a hobby now. I dabble. I play on Virus Total and look for malware and DNS spoof sites and post stuff I find. Just to help out wherever I can. But those papers are no joke and you have to be able to replicate the malicious code. If you don’t know how it’s done they won’t pay you. A lot of the stuff I have seen on my own phone I have zero clue how it’s done and I wouldn’t be able to replicate. It’s truly not as easy as it sounds and the competition is fierce.