the Guardian to reveal global spying program

Forums › Off topic › the Guardian to reveal global spying program

1 | 2 | 3

SaltyNZ

8227 posts

Uber Geek

Trusted

2degrees

Lifetime subscriber

#2747065 20-Jul-2021 11:19

Batman:

don't worry some hackers you would bet would be on to it. soon a check tool will pop up ...

Like this?

iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.

Fred99

13684 posts

Uber Geek

#2747067 20-Jul-2021 11:20

This thread is getting sidetracked/OT by arguments about the legal/moral "wicked problems" surrounding expectations for privacy vs need for security against "bad guys" (defining bad guys is another wicked problem - so the whole issue is a confounded mess of nested wicked problems - there's never going to be an "ideal" solution)

The Israeli company sold spyware (or allowed spyware to be sold) to very bad guys who used it for very bad reasons. If anything, government "spy agencies" should have been able to see what was going on, especially if they were using the tech themselves for "legitimate" reasons.

There's also an unanswered question (well I can't see anything definitive) as to how Google and Apple could have not been aware of what was going on, and then not patched the flaws properly, which suggests to me that they were probably convinced to collude/enable the spyware operation. Then probably because they were lied to about how it was being used.

Fred99

13684 posts

Uber Geek

#2747076 20-Jul-2021 11:33

SaltyNZ:

Like this?

Yes. Could you hazard a guess as to the % of cellphone users who'd be able to understand the first page of documentation.

I think my TV action drama viewing shows the standard method used by the top "bad guys" to make sure they're not being spied on by cellphones. First they grab the cellphone of anyone (friend or foe) who dares to bring one to any "sensitive" meeting or location, smash it to pieces, and to make sure it never happens again they put a bullet through the head of the person who brought their phone along.

I predict this method just got a popularity boost.

Batman

Mad Scientist
29762 posts

Uber Geek

Trusted

Lifetime subscriber

#2747081 20-Jul-2021 11:46

SaltyNZ:

Batman:

don't worry some hackers you would bet would be on to it. soon a check tool will pop up ...

Like this?

that's a start!

Fred99

13684 posts

Uber Geek

#2747098 20-Jul-2021 12:39

Batman:

that's a start!

Yup. There's a more user-friendly discussion here:

https://techcrunch.com/2021/07/19/toolkit-nso-pegasus-iphone-android/

The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently. Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones.

...

The toolkit is — as command line tools go — relatively simple to use, though the project is open source so it won’t be long before someone will surely build a user interface for it.

Behodar

10504 posts

Uber Geek

Trusted

Lifetime subscriber

#2747104 20-Jul-2021 12:54

Fred99:

There's also an unanswered question (well I can't see anything definitive) as to how Google and Apple could have not been aware of what was going on, and then not patched the flaws properly, which suggests to me that they were probably convinced to collude/enable the spyware operation.

I'm not so sure about that one. I suspect that Apple had no knowledge of the spyware and hadn't seen a phone with it installed. There have been a few 'jailbreaks' over the years that have allowed you to get root access to a phone just by visiting a page in Safari, and it's likely that the spyware can use similar vulnerabilities that Apple hasn't yet caught.

Now that Apple has knowledge of it, you can be sure that they'll be trying to get a copy of the software so they can figure out what it's doing and block it. Google will be doing the same.