Clarify "who's security policy" in Scope section #18
Description
In the Scope section, document the question about "who's security policies do we care about" sort of thing. The user may not be violating their own (implicit) security policy if they jailbreak their own phone. But the kernel vul they use certainly violates the kernel's security policy. Recommend avoiding anything where we need to have evidence of whether the person doing so has an "attacker-like" state of mind, if for no other reason than it's impossible to gather evidence for. So in this case, the jailbreak method is, or at least contains and uses, a vul.