ICSI Graduate Student Bill Marczak's Research Featured in Vanity Fair
ICSI graduate student Bill Marczak discovered spyware on the iPhone that exploited three separate zero-day vulnerabilities. His discovery, and his research on how corrupt governments can use spyware to track citizens, is featured in an article in Vanity Fair, How a Grad Student Found Spyware That Could Control Anybody's iPhone from Anywhere in the World. The following is a brief excerpt from the article:
"“This is a James Bond story,” says Mike Murray, Lookout’s vice president of security research and response, a curly-haired 40-year-old salesman type who formerly headed product-development security at G.E. “The guys who did this are James Bond villains, evil arms dealers attacking dissidents in the real world. It’s real. It’s true. This is finding cyber-weapons being used against someone in the real world. Before, people only suspected this might be out there.”
Apple was able to patch the three exploited vulnerabilities within 10 days of being notified by Marczak and his colleages of the discovery -- however, as the article states, "As long as there are hackers, they will continue to find ways to hack any device that interfaces with them."
Update: Following the Vanity Fair article, Marczak was interviewed about the discovery by Larry King on his show PolitiKING in December. Watch the interview here.