Israeli spyware claims to beat Apple's iCloud security

2»

Comments

  • Reply 21 of 35
    mknelsonmknelson Posts: 864member
    MacPro said:

    The French got hold of it the would even sell it to a NATO enemy in a heartbeat ...remember the Falklands?
    Are you talking about Exocets and Etendards?

    Argentina had been a more friendly country before 1982. They even had modern British built destroyers at the time.
    GeorgeBMacFileMakerFellerwatto_cobra
  • Reply 22 of 35
    Just another good reason to boycott Israeli products.
    That would be difficult, as Israel has heavily invested in technology, and several large companies do r&d there. For example a lot of the technology in Intel Core processors was developed in Israel, with origins in the Pentium M processor.
    GeorgeBMacwatto_cobra
  • Reply 23 of 35
    WgkruegerWgkrueger Posts: 347member
    It would be good to know if it is possible to remove the malware. That would address any issues of having to hand over your iPhone at border crossings. 
    watto_cobra
  • Reply 24 of 35
    thedbathedba Posts: 667member
    The NSO Group, whose software was recently used to hack WhatsApp, says that it develops this malware specifically for government use only.
    I totally love this statement.
    As if this is supposed to reassure us.
    If you read between the lines you may also add this.
    .... for government use only and private clients with truckloads of cash.

    How long does anyone think this will take to find its way into the dark web?
    GeorgeBMacwatto_cobra
  • Reply 25 of 35
    badmonkbadmonk Posts: 1,009member
    thedba said:
    The NSO Group, whose software was recently used to hack WhatsApp, says that it develops this malware specifically for government use only.
    I totally love this statement.
    As if this is supposed to reassure us.
    If you read between the lines you may also add this.
    .... for government use only and private clients with truckloads of cash.

    How long does anyone think this will take to find its way into the dark web?
    agree...the problem is that the US government databases get hacked routinely by criminals...the department of the interior hack from a few years ago, the NSA etc etc by criminals and foreign actors so this is not reassuring.

    i am not a libertarian but this gets me closer and closer all the time.  i think we need a privacy amendment to the constitution protecting our phones and computers like our homes.  Someone can walk through my home and look through my personal items and have a sense of who I am but if anyone had access to my iPhone contents I would be precisely characterized by browsing history, tweets, book reading, email, photos, text messaging etc etc.  We all need to draw a line in the sand.
    cornchipwatto_cobra
  • Reply 26 of 35
    rcfarcfa Posts: 1,124member
    Does this method require physical access to the device to install the Pegasus software? It sounds like that is the case, which makes the threat of most people’s data being compromised much lower. 
    If you travel internationally, at the US (and other) borders, they are allowed to search your electronics. It’s easy to use that to install malware.
    You leave your phone on the charger while you get breakfast in the hotel: plenty of time for malware installation, etc, etc.
    watto_cobra
  • Reply 27 of 35
    Remember the missing disk drives at a number of nuclear research labs?  Government security is an oxymoron.  Bet this will be in the wild in no time.  

    Several countries (including some of our allies) have laws stating disk/memory encryption is illegal (with severe penalties).  US government and others have been collecting huge amounts of data on US citizens since the 1980s.  Where collection is illegal, one of our allies is employed to collect the data.  US and other governments have access to a fair number of encryption keys.  This is just more of the same...  
    watto_cobra
  • Reply 28 of 35
    GeorgeBMacGeorgeBMac Posts: 10,703member
    Just another good reason to boycott Israeli products.
    That would be difficult, as Israel has heavily invested in technology, and several large companies do r&d there. For example a lot of the technology in Intel Core processors was developed in Israel, with origins in the Pentium M processor.
    Very true...   In that way they're a lot like China -- but for some reason we trust them.
  • Reply 29 of 35
    MacPro said:
    gatorguy said:
    So, Israel admits spying on Americans.   What are the chances Trump will do anything about it?
    The software is only sold to governments FWIW. Of course that would not preclude the French government from purchasing and  "spying" on an American or vice-versa. Of course the US wouldn't spy on a French citizen anyway... . 
    The French got hold of it the would even sell it to a NATO enemy in a heartbeat ...remember the Falklands?
    That is just a silly statement ...
  • Reply 30 of 35
    chasmchasm Posts: 2,404member
    gatorguy said:
    Interestingly Apple did comment  and does not deny the existence of the software, saying:
     “some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers.”
    Yes, Apple is acknowledging that such tools exist. I’m not sure why this surprises you — other firms like Celebrite (sp?) have been advertising similar capabilities for years. Apple’s statement makes it clear that these tools work “on a very small number of devices,” i.e. devices that have been captured by the attacker, or that require multiple barriers (like physical access AND admin access) to overcome.

    The purpose of the statement is to say that Apple’s platform is secure for people not being targeted by high-level state or rogue actors, but Joe Citizen should remain unconcerned about it. If Apple didn’t acknowledge these tools, people would interpret this to mean that Apple wasn’t doing anything to block them or improve security — which is of course not true.
    watto_cobra
  • Reply 31 of 35
    gatorguygatorguy Posts: 23,302member
    chasm said:
    gatorguy said:
    Interestingly Apple did comment  and does not deny the existence of the software, saying:
     “some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers.”
    Yes, Apple is acknowledging that such tools exist. I’m not sure why this surprises you 
    It doesn't surprise me at all. That was written for another poster who had doubts it was real. 
  • Reply 32 of 35
    not_anton said:
    So this spyware only needs a physical access to the device and an admin password to work?
    Sounds like an old joke about viruses on Linux - they work if you find and install correct versions of all necessary libraries.
    The main way it gets onto your phone is if you click on a link that is sent to you via email or SMS.  I *believe* it can get onto your phone via other ways, but would love to hear how.  It is possible it is secretly embedded in other, random Web sites around the world, and there are possibly ways that they can do it that they won't disclose.  Citizen Lab has done a great job attempting to keep track of this company's activities.  
    watto_cobra
  • Reply 33 of 35
    Does this method require physical access to the device to install the Pegasus software? It sounds like that is the case, which makes the threat of most people’s data being compromised much lower. 
    I believe this is a piece of malware that executes on a timer of some sort without any interaction on the users part. It releases a payload then snoops using a "man in the middle" attack of which it mirrors the compromised login information and uses a remote server to be authenticated as the user. So it appears there they have to use email to deploy this thing. Probably better to use webmail and not download email on your actual device when traveling over seas as well as deleting anything looking suspicious from your inbox right away.
    watto_cobra
  • Reply 34 of 35
    Just another good reason to boycott Israeli products.
    That would be difficult, as Israel has heavily invested in technology, and several large companies do r&d there. For example a lot of the technology in Intel Core processors was developed in Israel, with origins in the Pentium M processor.
    The boycott of Israeli products is intended to be used against obvious Israeli goods. Goods which are marked made in or grown in etc.,
    High Tech products are now almost internationally developed and produced, it's only "National(ist) Security" or commercial secrecy which keeps most of the nefarious activities of governments from spilling out into our structured "Free-Press" and speech. 
Sign In or Register to comment.