In the early days of the iPhone, there was a vulnerability that allowed you to jailbreak your phone by visiting a specific web site. IIRC it was some vulnerability in the TIFF handling code. The same vulnerability could have been used to silently install spyware with root level access. No need to break signal's crypto if you can just silently capture screenshots.
It's not hard to imagine some foreign intelligence agency is sitting on some severe zero-day vulnerability, waiting to use it on very high value targets, such as senior administration staff.
You don’t have to imagine. This is a billion dollar intel industry that pays out millions of dollars for vulns, and charges corrupt governments more for access to hack their citizens most private data.
Those unscrupulous enough to sell the vulnerability to the exploiters, there is gold. Of course we would rather they did the right thing and got the bugs fixed.
> No need to break signal's crypto if you can just silently capture screenshots.
This is also something that comes up with esoteric cryptography schemes. There are systems designed so that you could theoretically deny whatever property, but in reality, the bad guy looks at your phone and believes whatever is on the screen anyway.
It's not hard to imagine some foreign intelligence agency is sitting on some severe zero-day vulnerability, waiting to use it on very high value targets, such as senior administration staff.