Does anyone know what's going on with iOS 14? I didn't upgrade because Apple said it would still be supported but there hasn't been any news in quite a while.Reply
User-set name strings are not trusted data. Even if you filter on submission, people will find ways around it.
This is the second "User can set the name of a device to a string that screws things up badly" bug in recent history. The other one was the "You can set your AirTag name to cross site scripting tags" one.Reply
That’s why i always have HomeKit disabled but it’s the damn Apple upgrade or power cycle that keeps flipping it BACK on.Reply
Ars amongst a number of others had an article covering this  last week. Not that trivial to exploit but sounded relatively nasty if it was triggered, so better late than never. Though HomeKit overall has been a pretty significant disappointment and definitely feels like one of those semi-afterthought type of Apple projects at this point. Important enough or with enough internal sway to not get dropped outright, but not enough to get any serious effort either. Like the Mac Pro maybe, though that one is even more disappointing. So I wonder how many people make much use of it, let alone share with others.
It's a shame there isn't an alternate software path for iOS devices that have aged out of security updates.
I have an iPad whose hardware has life left in it, but as time goes on it's more and more it's worrisome to run a connected device without security updates.Reply
Wow. 12 days into 2022 and we're already up to 22k CVEs filed.
Edit: I was wrong. Thanks @minhazm and @geofft.Reply