case of recent attacks on iphones of opposition members in india

someone1223

Have you guys heard the news that opposition members in india is notified by apple that their iphones is being targeted by state sponsored hackers? How did apple know it? Is it possible to be notified like that from GOS without breaching privacy? We already trust GOS and their update servers so this shouldn't be a huge concern, right?

Hat

There is a tweet from akc3n about Apple threat notification, and pointing to GOS's security features against unknown vulnerabilities. https://grapheneos.org/features#exploit-protection

It's not said how Apple is knowing about a targeted attack. The most private way is monitoring login attempts at Apple users account (iCloud, app Store...). To be more efficient this alert should use device monitoring looking at any networks request or unusual behavior, and sending a report to Apple.
The Lockdown Mode seems to not be needed to received this kind of alert. It's worth remembering that most people aren't enough important to receive targeted state attacks.

Is it possible to be notified like that from GOS without breaching privacy?

There isn't any built-in feature in GOS to monitor your device yourself. There are apps able to log network requests using the VPN profile. I don't know if they are reliable to detect highly advanced attacks, there are several vectors to reach a target.

We already trust GOS and their update servers so this shouldn't be a huge concern, right?

Updates are signed and the only informations handle are version being upgraded and IP address used to connect, so that reduce significantly a targeted update to a specific user.
https://grapheneos.org/usage#updates-security