Batman:

 

don't worry some hackers you would bet would be on to it. soon a check tool will pop up ...

 

Like this?

This thread is getting sidetracked/OT by arguments about the legal/moral "wicked problems" surrounding expectations for privacy vs need for security against "bad guys" (defining bad guys is another wicked problem - so the whole issue is a confounded mess of nested wicked problems - there's never going to be an "ideal" solution)

The Israeli company sold spyware (or allowed spyware to be sold) to very bad guys who used it for very bad reasons.  If anything, government "spy agencies" should have been able to see what was going on, especially if they were using the tech themselves for "legitimate" reasons.

There's also an unanswered question (well I can't see anything definitive) as to how Google and Apple could have not been aware of what was going on, and then not patched the flaws properly, which suggests to me that they were probably convinced to collude/enable the spyware operation.  Then probably because they were lied to about how it was being used.

SaltyNZ:

 

Like this?

 

Yes.  Could you hazard a guess as to the % of cellphone users who'd be able to understand the first page of documentation.

I think my TV action drama viewing shows the standard method used by the top "bad guys" to make sure they're not being spied on by cellphones.  First they grab the cellphone of anyone (friend or foe) who dares to bring one to any "sensitive" meeting or location, smash it to pieces, and to make sure it never happens again they put a bullet through the head of the person who brought their phone along.

I predict this method just got a popularity boost.

SaltyNZ:

 

Batman:

 

don't worry some hackers you would bet would be on to it. soon a check tool will pop up ...

 

 

 

 

Like this?

 

that's a start!

Batman:

 

that's a start!

 

Yup.  There's a more user-friendly discussion here:

https://techcrunch.com/2021/07/19/toolkit-nso-pegasus-iphone-android/

 

The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently. Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones.

 

...

 

The toolkit is — as command line tools go — relatively simple to use, though the project is open source so it won’t be long before someone will surely build a user interface for it.

 

Fred99:

 

There's also an unanswered question (well I can't see anything definitive) as to how Google and Apple could have not been aware of what was going on, and then not patched the flaws properly, which suggests to me that they were probably convinced to collude/enable the spyware operation.

 

I'm not so sure about that one. I suspect that Apple had no knowledge of the spyware and hadn't seen a phone with it installed. There have been a few 'jailbreaks' over the years that have allowed you to get root access to a phone just by visiting a page in Safari, and it's likely that the spyware can use similar vulnerabilities that Apple hasn't yet caught.

Now that Apple has knowledge of it, you can be sure that they'll be trying to get a copy of the software so they can figure out what it's doing and block it. Google will be doing the same.

and it took a newspaper to tell them that!