Monday, July 19, 2021

The Camel's Nose yet again.

NSO Group's Pegasus spyware enables some of their government agency clients to access our phones whether we like it or not. This bespeaks allowing the Camel's Nose into our tent without our permission, something devoutly not to be wished if the Guardian's take on this story proves out to be true.


The Camel's Nose yet again.

Addendum - The spyware's totally kosher ...

Despite the hype, iPhone security no match for NSO spyware

International investigation finds 23 Apple devices that were successfully hacked

The text delivered last month to the iPhone 11 of Claude Mangin, the French wife of a political activist jailed in Morocco, made no sound. It produced no image. It offered no warning of any kind as an iMessage from somebody she didn’t know delivered malware directly onto her phone — and past Apple’s security systems.

Once inside, the spyware, produced by Israel’s NSO Group and licensed to one of its government clients, went to work, according to a forensic examination of her device by Amnesty International’s Security Lab. It found that between October and June, her phone was hacked multiple times with Pegasus, NSO’s signature surveillance tool, during a time when she was in France.

The examination was unable to reveal what was collected. But the potential was vast: Pegasus can collect emails, call records, social media posts, user passwords, contact lists, pictures, videos, sound recordings and browsing histories, according to security researchers and NSO marketing materials. The spyware can activate cameras or microphones to capture fresh images and recordings. It can listen to calls and voice mails. It can collect location logs of where a user has been and also determine where that user is now, along with data indicating whether the person is stationary or, if moving, in which direction.

How Pegasus works

Target: Someone sends what’s known as a trap link to a smartphone that persuades the victim to tap and activate — or activates itself without any input, as in the most sophisticated “zero-click” hacks.

Infect: The spyware captures and copies the phone’s most basic functions, NSO marketing materials show, recording from the cameras and microphone and collecting location data, call logs and contacts.

Track: The implant secretly reports that information to an operative who can use it to map out sensitive details of the victim’s life.

End game ...

Snowden, who in 2013 blew the whistle on the secret mass surveillance programmes of the US National Security Agency, described for-profit malware developers as “an industry that should not exist”.

Most disquieting without question.

No comments: