Pegasus Spyware

Discussion in 'The Bar' started by newcastlefan, Aug 27, 2016.

  1. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,792
    Joined:
    Dec 31, 2011
    Messages:
    57,658
    Likes Received:
    16,964
    FYI: if you have an iPhone you should upgrade iOS to v9.3.5 released yesterday. It closes the exposure exploited by Pegasus (probably the most advanced spyware ever detected so far) used by the Feds to get into your phones.

    If you have a Droid or Blackberry forget about it cause every govt already owns your phone.
     
    walterHwhite likes this.
  2. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,792
    Joined:
    Dec 31, 2011
    Messages:
    57,658
    Likes Received:
    16,964
    On August 25 Apple advised all iPhone users to immediately install a security update to avoid being infected by the “Pegasus” spyware, which some experts are calling the “most sophisticated” software ever created to spy on smartphones.

    The discovery of the Pegasus spyware on an iPhone came as a shock to the cyber security world. The software was created by the Israeli company NSO as a way to spy on Apple, Android and Blackberry smartphone users.

    This cyber weapon is “by far the most sophisticated ever detected” on a mobile device, Gert-Jan Schenk, Europe and Middle East vice-president of Lookout – a company that analysed the virus – told FRANCE 24. He explained what is so unique about Pegasus.

    FRANCE 24: What makes Pegasus different from other mobile spyware?

    Gert-Jan Schenk: We’ve never seen spyware this sophisticated before. The user can’t detect the software on their smartphone, even after it has been contaminated. Plus, no data encryption can effectively protect against [Pegasus]. And its developers discovered three different security flaws that Apple didn’t know about.

    If Pegasus can override data encryption, does that mean it is able to follow conversations on WhatsApp and Telegram?

    You have to understand how Pegasus works. This spyware installs itself in the kernel of the phone – in other words at the heart of the operating system – which allows it to intercept conversations even before any encryption happens. It’s as if a spy could see what the user is typing on their keyboard. So basically the encryption of an app like WhatsApp or Telegram is useless against Pegasus.

    Could this program be used to fight terrorist groups like the Islamic State (IS), some of whose members use Telegram?

    Intelligence services can in effect use it for that purpose. It’s an unmatched tool for learning as much as possible about anyone since except for your spouse or partner, no one knows more about you than your phone.

    Since regulation of cyber-weapons sales is very loose, NSO can decide to sell Pegasus to whomever they see fit. The company says that it will only sell the software to “authorised entities”, but they are the ones who decide what fits into that category. They could mean a repressive government or a state-run corporate espionage service. That regulatory vagueness is very dangerous when we’re talking about a digital weapon as dangerous as this.

    But didn’t Apple issue a security update that should fix the problem?

    First of all, the same software exists for Android and Blackberry, and we can assume that it is just as powerful. Second, Apple’s update only guarantees that Pegasus can no longer be installed on iPhones. But the spyware will continue to exist on smartphones that have already been contaminated, without the owners even noticing.

    We’ll have to find out if the Apple update is effective against cyber spies who want to gain access to iPhones remotely.

    This story was translated from the French original by Avi Davis
     
  3. ChuckZ

    ChuckZ You're so pusillanimous, oh yea.

    Reputations:
    190,274
    Joined:
    Sep 18, 2010
    Messages:
    206,951
    Likes Received:
    39,926
    I hope my Tracfone is safe.
     
    Mr Sinister and DarkFriday like this.
  4. LonghornJ

    LonghornJ VIP Extreme Gold

    Reputations:
    238,571
    Joined:
    Sep 16, 2010
    Messages:
    33,079
    Likes Received:
    23,608
    Technology is wonderful they said... everything will be so much more convenient they said.....
     
    DarkFriday likes this.
  5. ChuckZ

    ChuckZ You're so pusillanimous, oh yea.

    Reputations:
    190,274
    Joined:
    Sep 18, 2010
    Messages:
    206,951
    Likes Received:
    39,926
    The Feds would be bored with my calls.
     
  6. DarkFriday

    DarkFriday Fired as a MOD...Twice. Gold

    Reputations:
    718,690
    Joined:
    Jul 6, 2011
    Messages:
    172,017
    Likes Received:
    87,211
    This is why Adama kept the Galactica off the network grid.
     
    Mike likes this.
  7. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,792
    Joined:
    Dec 31, 2011
    Messages:
    57,658
    Likes Received:
    16,964
    Well it is convenient, for those able to pay.
     
  8. Capn Crud

    Capn Crud The Pride of Cucamonga VIP Gold

    Reputations:
    91,936
    Joined:
    Dec 13, 2011
    Messages:
    63,463
    Likes Received:
    8,324
  9. ChuckZ

    ChuckZ You're so pusillanimous, oh yea.

    Reputations:
    190,274
    Joined:
    Sep 18, 2010
    Messages:
    206,951
    Likes Received:
    39,926
     
  10. DrivenByDemons

    DrivenByDemons Spinoff Jesus Staff Member

    Reputations:
    259,772
    Joined:
    Sep 16, 2010
    Messages:
    70,132
    Likes Received:
    41,896
  11. Anfkid

    Anfkid Blue Banner Mafia Staff Member

    Reputations:
    391,855
    Joined:
    Feb 18, 2012
    Messages:
    59,748
    Likes Received:
    54,828
    Thanks Froggy
     
    AlPachinosBaby likes this.
  12. Gomez

    Gomez Well-Known Member

    Reputations:
    34,140
    Joined:
    Dec 13, 2011
    Messages:
    20,890
    Likes Received:
    5,600
    so the heebs know that I post on dawgshed.com?
     
  13. BrulesRules

    BrulesRules Just grab 'em in the biscuits Gold

    Reputations:
    347,913
    Joined:
    Jan 18, 2012
    Messages:
    133,474
    Likes Received:
    60,158
    I'm so scared the Feds will find out that me and my gf never can decide what we are going to have for dinner.
     
  14. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,792
    Joined:
    Dec 31, 2011
    Messages:
    57,658
    Likes Received:
    16,964
    Some people actually use their email for work...
     
  15. BethOsItchyHem

    BethOsItchyHem Well-Known Member

    Reputations:
    3,154
    Joined:
    Jan 21, 2014
    Messages:
    642
    Likes Received:
    880
    They can suck my ass!. Oh did they just read that?.
     
  16. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,792
    Joined:
    Dec 31, 2011
    Messages:
    57,658
    Likes Received:
    16,964
    well my employer instructed all of us to upgrade, so they must figure the feds and other govts (since we are everywhere) try to hack into our phones looking for anything useful. so, yes the feds probably know we post here and now they should be tracking you down. probably about those frilly panties you like to wear when nobody else is watching.
     
  17. redshirt

    redshirt Well-Known Member

    Reputations:
    19,376
    Joined:
    May 28, 2012
    Messages:
    5,013
    Likes Received:
    3,666
    So, if viewed objectively with brand agnosticism, does it help security to have a closed system with one company holding the secrets, or an "open" system with millions of eyes able to do good/bad with it?
     
  18. DrivenByDemons

    DrivenByDemons Spinoff Jesus Staff Member

    Reputations:
    259,772
    Joined:
    Sep 16, 2010
    Messages:
    70,132
    Likes Received:
    41,896
    Depends on response time to exploits. Truecrypt had a hole (slight) and even thought it was open nobody caught it. Apple seems on top of their shit for the most part but they are a huge target and I'm sure there are many zero-days being used on apple stuff. I guess my answer is you can't win cause code is bloated and complicated and written poorly all over the place.
     
    redshirt likes this.