Ryan Pickren:

This post is a technical walkthrough of how I discovered several zero-day bugs in Safari during my hunt to hack the iOS/MacOS camera. This project resulted in me gaining unauthorized access to Front & Rear Cameras, the Microphone, Plaintext Passwords, and more.

Before I jump in, I want to start with a quote from an old colleague of mine – “Bug hunting is all about finding assumptions in software and violating those assumptions to see what happens.” That is precisely what we are going to do today. We are going to dive into the murky depths of Safari and hammer the browser with obscure corner cases until we uncover weird behavior quirks. Once we collect enough quirks, we can tie them together into a full kill chain.

The question all iOS/macOS users must ask themselves… how much do you trust Safari?

I don’t have the programming chops to know whether or not this actually possible but it’s an interesting description of how bug hunters and hackers discover information.