Figured I’d share my finding here…
I got the notification for iOS 16.5.1(c) rapid security response today. Despite hearing about it breaking some sites forcing Apple to pull the update a couple weeks back from a podcast (I want to say ATP but I can’t find it in the show notes so I can’t link to the episode), I decided to install it anyway. After installing and restarting the phone, I found almost nothing works. My games spins forever, all web browsers never loads any website, but surprisingly, iMessages were flowing through.
I poked around a bit, turning wifi off and on again, using cellular data only, toggle between roaming network, etc. and nothing worked. Then I noticed the little VPN icon that flashes by so I went and disabled AdGuard VPN and things seems to work again.
Originally I uninstalled the rapid security patch, and things worked again, but then I realized I’d rather put up with some ads than deal with whatever security ramifications not having the patch would cause. Bearing in mind: the intent of these rapid security patches is that Apple thinks these patches are of utmost urgency (I.E. security issue that’s actively exploited in the wild) and they don’t want to slow people down with a big iOS upgrade, so they release and apply these patches quickly. I ended up reinstalling the patch, and turned off my AdGuard in the mean time. Hopefully AdGuard catches up and release a fix next version or two.
Anyway figured I’d drop the note here in case if anyone else is searching on their Mac trying to figure out why their iPhone isn’t working after that patch.
I did in fact read the paper before my reply. I’d recommend considering the participants pool — this is a very common problem in most academic research, but is very relevant given the argument you’re claiming — with vast majority of the participants being students (over 60% if memory serves; I’m on mobile currently and can’t go back to read easily) and most of which being undergraduate students with very limited exposure to actual dev work. They are then prompted to, quite literally as the first question, produce code for asymmetrical encryption and deception.
Seasoned developers know not to implement their own encryption because it is a very challenging space; this is similar to polling undergraduate students to conduct brain surgery and expect them to know what to look for.