> Running an enterprise app still is not a trivial single tap on iOS.
Yes, but still successful, as Hermit demonstrated. So my question is whether Lockdown mode would have prevented APTs like Hermit which it claims to prevent against. If not, then the move is security theater which doesn't address the actual flaws (like poor vetting into the Enterprise Program) being successfully leveraged in the wild.
I had a more detailed reply to an earlier post you made - but the summary is "What constitutes an enterprise that should be allowed to have 'enterprise apps'"
> "What constitutes an enterprise that should be allowed to have 'enterprise apps'"
Apple has a list of requirements - https://developer.apple.com/programs/enterprise/ - for example, a company needs to have at least 100 employees. The issue, however, seems to be how stringently these requirements are enforced, or whether they are at all. In the case of Hermit, the Italian spyware company seems to have created a fake company and tricked Apple into granting the fake company access to the developer program. Now, the interesting question for me is whether the fake company actually managed to pass all of the requirements, like giving Apple a list of 100 fake employees, and whether Apple actually performed their due dilligence and checked whether the employee list was real, or whether they accepted it at face value, or didn't even require it.
In other words, I think a key takeaway from the latest incident is Apple needs to take accountability and harden their Enterprise program entry requirements, and I haven't seen anything about that being the case.
Yes, but still successful, as Hermit demonstrated. So my question is whether Lockdown mode would have prevented APTs like Hermit which it claims to prevent against. If not, then the move is security theater which doesn't address the actual flaws (like poor vetting into the Enterprise Program) being successfully leveraged in the wild.