What is Nostr?
dm /
npub12v8…9f8n
2023-09-22 06:51:20

dm on Nostr: What’s the rationale behind iOS requiring the screen lock password before allowing ...

What’s the rationale behind iOS requiring the screen lock password before allowing you to install an OS update?

The only thing I can think of is that an attacker with temporary access to an unlocked device can join it to a malicious network and serve a legit (signed) update image that happens to contain a vulnerability? Like a “Bring Your Own Vulnerable Driver”-style attack? But assuming iOS updates are monotonic (i.e. no downgrades), wouldn’t a user always be advised to install a signed update?

Or is the answer something more trivial, like, “because a UX designer proposed it”?
Author Public Key
npub12v8nvt5qt60jwfvdpdhn6cxesgy3r8890zsfxtapnmvq9r40ntesq09f8n