As discussed in other threads it’s a non system APK which holds no dangerous permissions and can’t gain them. It will (once enabled and if you let it) scan inbound and outbound messages for nudity. It’s there to prevent people from receiving unsolicited nudes without consent, or if they’re sending nudes make sure they aren’t falling into some pedo groomer blackmail.

I understand the initial response, but now that the info is available I question the motives of people still spreading it.

You’re not missing anything. This is FUD.

Are you talking a VPN running on the same box as the service? UDP VPN would help as another mentioned, but doesn’t really add isolation.

If your vpn box is standalone, then getting root is bad but just step one. They have to own the VPN to be able to even do more recon then try SSH.

Defense in depth. They didn’t immediately get server root and application access in one step. Now they have to connect to a patched, cert only, etc SSH server. Just looking for it could trip into some honeypot. They had to find the VPN host as well which wasn’t the same as the box they were targeting. That would shut down 99% of the automated/script kiddie shit finding the main service then scanning that IP.

You can’t argue that one step to own the system is more secure than two separate pieces of updated software on separate boxes.

https://nvd.nist.gov/vuln/detail/cve-2024-6409 RCE as root without authentication via Open SSH. If they’ve got a connection, that’s more than nothing and sometimes it’s enough.