Pegasus Spyware

Just broke that Pegasus spyware is spreading like fire. Android and iOS are affected. Curious to see how Purism/garden-variety Linux phones handle this.


Can you point us to an article?

There’s a tool to check iOS and Android devices, developed by Amnesty International, I think:

Article about the tool: https://techcrunch.com/2021/07/19/toolkit-nso-pegasus-iphone-android/


This won’t even run on Librem 5, IMO.

Would be interesting to find any related CVE to get more details.


It’s almost impossible to protect against Pegasus and other government spyware.

The best protection against this type of intrusion is open software (open for inspection). This gives at least the possibility for more eyes (not only four :wink:) to detect the spyware. Yes, I believe more in the ability of humans than detection software. The latter is also known by the spy organization, and avoidance will be developed.


I think it is meritorious to consider such possibilities since journalists are a group that may be well dispositioned to try the L5. In fact, the only non-IT people I know that run Linux all happen to be journalists or have a journalist background.

One of the biggest wins here is possibly the inclusion of SELinux or some other file integrity monitoring tool. For something in the category of Pegasus, there must be changes written to disk at some point. The fundamental issue here is that for all that high-end government exploitation, changes must persist in some way. And that means a change, even if it’s a hook, must be performed on disk. But currently, users have little to no insight into what the phone OS is doing in the background and what changes are persisting on disk. And there are plenty of ways to start addressing that.

The Pegasus case is a strong call to action that end users need to have greater insight into the internals on the disk. And yes, that requires instrumentation and education. But for those that are in the business of caring because they are in the business of working in serious circumstances, they will need to acquire that competency either through themselves or a trusted third party.

What we can say for a fact is that the current walled-garden approach delivered by Apple and Google does little to ensure in-flight security of the phone at large. Just analysis at the time of delivery and install for downloaded apps. It would appear that is not sufficient for some lines of work and some lives.
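The file-integrity idea in the post above, as an added example that is not part of the original thread: a minimal baseline-and-compare check in Python that reports files added, removed, or changed in content or permissions. The function names and the sample tree are constructed for illustration; it only sees changes that persist on disk, and the baseline has to be kept off the device to be trustworthy.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Map each file under root to (content digest, permission bits)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):  # symlinked dirs are not followed
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            digest = "special"  # FIFOs, sockets, device nodes: never opened
            if stat.S_ISLNK(st.st_mode):
                digest = "symlink:" + os.readlink(path)  # record target only
            elif stat.S_ISREG(st.st_mode):
                with open(path, "rb") as f:
                    digest = hashlib.sha256(f.read()).hexdigest()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            state[rel] = (digest, stat.S_IMODE(st.st_mode))
    return state

def compare(baseline, current):
    """Report paths added, removed, or changed in content or mode."""
    report = {"added": sorted(current.keys() - baseline.keys()),
              "removed": sorted(baseline.keys() - current.keys()),
              "content": [], "mode": []}
    for rel in sorted(baseline.keys() & current.keys()):
        if baseline[rel][0] != current[rel][0]:
            report["content"].append(rel)
        if baseline[rel][1] != current[rel][1]:
            report["mode"].append(rel)
    return report

def write(root, rel, data, mode=0o644):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)
    os.chmod(path, mode)

def demo():  # constructed sample tree, not real device paths
    with tempfile.TemporaryDirectory() as root:
        write(root, "etc/app.conf", b"update_url=https://example.invalid\n")
        write(root, "bin/helper", b"#!/bin/sh\necho ok\n")
        baseline = snapshot(root)  # in practice, keep this off the device
        write(root, "etc/app.conf", b"update_url=https://changed.invalid\n")
        write(root, "etc/autostart.d/job", b"run\n", 0o755)
        os.chmod(os.path.join(root, "bin/helper"), 0o755)
        return compare(baseline, snapshot(root))
```

Calling `demo()` returns the report for the constructed tree: one new file, one content change, and one file that became executable.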

Yes and no. There’s nothing magic about Pegasus. It just exploits vulnerabilities. You protect yourself by not having vulnerabilities. That of course is almost impossible. :wink: I believe that at least some of the vulnerabilities have been long fixed. So you at least protect yourself by keeping up to date with your patches.

I don’t know about an actual CVE but Pegasus appears to be being discussed in two topics in this forum and in the other topic NSO Group Pegasus there are some technical details linked to.