The Pegasus Project - spyware for the average phone -

  • We are being DDoS attacked still and 12,000 people are reading about incest. Expect weird errors. Most should go away by refreshing. Emails (registration / password reset) appear to be working; be sure to check spam.

    THE MERGE IS ON.

Shig O'nella

Smells of fresh baked lead
kiwifarms.net
Since security is a fairly big aspect of farming Kiwis, I thought it might be of interest to make a thread.

The Guardian has just dropped a series on NSO and their phone spyware Pegasus. It's a fairly in depth look, so the tl:dr so far:

NSO is an Israeli firm that makes spyware which it licences to various governments and government entities for serious shekels.
Pegasus has been around since 2016 or so, infects both Android and iPhone, and allows root access to the OS, which in turn lets it access and use pretty much anything on your phone.
Earlier iterations needed the phone owner to click a link, the most recent iterations can install from an ignored or unanswered Whatsap call and are more or less untraceable.
The program can be forced to reside in memory by whoever distributes it, so all traces of it disappear when the phone is powered off.
 

Joe Swanson

Famed Tv Cripple
True & Honest Fan
kiwifarms.net
How would one get infected on iOS though, it's pretty much completely locked down
 

Shig O'nella

Smells of fresh baked lead
kiwifarms.net
From one of the articles: "More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks."
 

3119967d0c

"a brain" - @REGENDarySumanai
True & Honest Fan
kiwifarms.net
From one of the articles: "More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks."
Now, I will say that Apple is probably the better choice privacy wise if you're not a big target of the jews... but, that being said, you can learn all you need to know from "Apple says it is continually updating its software to prevent such attacks".

Has Apple stopped selling hardware and software to NSO? To the zionist entity? To the ADL and B'nai Brith? Of course they haven't.

Will iOS updates that remove NSO spyware warn the user that they were attacked by the jews? I very much doubt that.

And as Snowden pointed out in a tweet..
Apple also restricts the access outside researchers have to iOS, the mobile operating system used by iPhones and iPads, in a way that makes investigation of the code more difficult and limits the ability of consumers to discover when they’ve been hacked, researchers say.
Among those targeted by the jews are Mexico's center-left President Andrés Manuel López Obrador, and the leadership of the Indian National Congress.
 

Flabba_Wabba_Jabba_Noonga

Clothes are meant to be worn!
kiwifarms.net
Since security is a fairly big aspect of farming Kiwis, I thought it might be of interest to make a thread.

The Guardian has just dropped a series on NSO and their phone spyware Pegasus. It's a fairly in depth look, so the tl:dr so far:

NSO is an Israeli firm that makes spyware which it licences to various governments and government entities for serious shekels.
Pegasus has been around since 2016 or so, infects both Android and iPhone, and allows root access to the OS, which in turn lets it access and use pretty much anything on your phone.
Earlier iterations needed the phone owner to click a link, the most recent iterations can install from an ignored or unanswered Whatsap call and are more or less untraceable.
The program can be forced to reside in memory by whoever distributes it, so all traces of it disappear when the phone is powered off.
> Most powerful spyware ever made
> Jew company
Wew lad.
 

RembrandtCourage

True & Honest Fan
kiwifarms.net
Earlier iterations needed the phone owner to click a link, the most recent iterations can install from an ignored or unanswered Whatsap call and are more or less untraceable.
Then if you don't have whatsapp then wouldn't you in theory be unable to get such a call?
 

Besachf Jhakut

Irredeemable Deplorable
kiwifarms.net
How would one get infected on iOS though, it's pretty much completely locked down
All signs point to that being required because inside it's a complete shit show as is common with closed source software from companies who are primarily hardware creators. See also how bad the macOS quality story regularly gets.

So Apple's automated tools that vet submitted apps and their upgrades are an absolute necessity because under the hood it's not hard to crack the system, and thus entities that put serious effort into understanding iOS can frequently find cracks. This is one of the few areas where Android appears to be superior, Google is primarily a software company.
 

Norvic

too gay to lift
True & Honest Fan
kiwifarms.net
How would one get infected on iOS though, it's pretty much completely locked down

All it takes is one remote code execution flaw + one privilege escalation flaw and any computing device is owned beyond repair. Even the jailbreaking community who do it for the lulz consistently find iOS exploits. Imagine the library of exploits a company that has money to throw at the problem has. I expect they buy on the black market as well as having in house researchers.
 

Tealeaf

ALTEATUDE
True & Honest Fan
kiwifarms.net
Phones are fully fledged computers running large operating systems and therefore have a large surface area for exploits. They can be excellently architected, fundamentally secure systems but by their sheer size and frequent updates always have weak points waiting to be found.

Glowie security companies with essentially infinite money can almost always find the handful of exploits they need to do what they want to do.

But hopefully the state of computer security has advanced enough that don’t get another casual virus pandemic like ILOVEYOU ever again. It’s remarkable that our major source of security concern is spearfishing by glowies, not that literally every device is pwned by like five different malwares.
 

Pissmaster

True & Honest Fan
kiwifarms.net
Then if you don't have whatsapp then wouldn't you in theory be unable to get such a call?
Yeah, I figure they specifically mentioned that because the call must send some sort of code that executes on the receiver's phone through their WhatsApp app, as opposed to whatever software reads normal incoming calls on your phone otherwise.

Friendly reminder that WhatsApp is a Facebook™ product, lol. All the more reason to not be Zuck's cuck.
 

3119967d0c

"a brain" - @REGENDarySumanai
True & Honest Fan
kiwifarms.net
Yeah, I figure they specifically mentioned that because the call must send some sort of code that executes on the receiver's phone through their WhatsApp app, as opposed to whatever software reads normal incoming calls on your phone otherwise.

Friendly reminder that WhatsApp is a Facebook™ product, lol. All the more reason to not be Zuck's cuck.
Yeah, the other side of it is that you're probably vulnerable if you have Facebook Messenger installed, given the shared platform.

And, of course, if you have an iPhone.. if you can receive iMessages. Which I imagine is impossible to turn off.
 

Besachf Jhakut

Irredeemable Deplorable
kiwifarms.net
And, of course, if you have an iPhone.. if you can receive iMessages. Which I imagine is impossible to turn off.
Given the fuckery I've read about Apple doing if you associate a phone number with iMessages and then later want to move off their ecosystem, it's the first thing I turn off when I get a new iPhone. They make it very obvious and easy, Settings -> Messages and it's the top option.
 
Top