[kingu]

Install an app from a 3rd party - so you've got to turn on third party apps, then you have to approve installing another app after getting the MMS message.. Reminds me of the Lightning port attacks on Apple - a whole lot of ifs (though I guess easier on Apple since you can set up a ‘recharging station’ in a public place and people will happily plug into the offered cables.)

[Swordmaker]

Install an app from a 3rd party - so you've got to turn on third party apps, then you have to approve installing another app after getting the MMS message.. Reminds me of the Lightning port attacks on Apple - a whole lot of ifs (though I guess easier on Apple since you can set up a ‘recharging station’ in a public place and people will happily plug into the offered cables.)

No, because the attack you are speaking of is not for iOS. . . it was Thunderstrike 1 & 2 and affected Apple Mac OS X through the Thunderbolt device data port, not iOS iPhones/iPads through the Lightning power port.

Plugging in an iOS device with a Lightning power connection can perhaps be an attack venue if you were to connect to a computer device, but the system has to handshake with an already known computer device and then requires the user's AppleID to do so.

Some self-described "security researcher" claimed he had found undocumented, hidden and nefarious, built-in backdoors in iOS devices about a year ago. He was quickly and roundly slapped down by the developer community when they got a look at his so-called "hidden back-doors" and it turned out they were very well known documented AND secure, Apple iOS System libraries used for backing up iOS devices to iTunes and iCloud. . . just off-limits for developers and available only for specific permission system apps, which developers are not permitted to use.