Jump to content

Recommended Posts

Posted

Last night I watched an episode of FRONTLINE.  It revealed the use of Pegasus (Israel) by the Saudi Government to spy on its entire population's cellular use.  It stated that Pegasus can crack ANY encryption.  Any.  Can this be true??? 

I have read that 'anything' can be cracked, but some encryption takes supercomputers and years to crack.  I think Pegasus is extremely expensive to purchase and is 'sold' to Governments, law enforcement agencies, etc and not to the general public.

So, the simple question is:  Is there protection available against Pegasus enabled tracking (and the like)?

Thank you in advance.

  • ESET Staff
Posted

Hey Wacojohn,

Since  NSO groups say it provides "authorized governments with technology that helps them combat terror and crime", we will probably never know. They seem to operate like supernational entity coworking with goverments.

Good news is the only encryption we provide for iOS is an email encryption app and we have no reports of those emails being leaked. 

Posted

Thank you for the input.  After posting, I later learned it is only for IOS devices(?).  I guess there aren't many Android devices in Saudi Arabia.  At any rate, saw another program (60 Minutes?) about the Pegasus company.  You are right ... HIGHLY secretive.  We will probably never know ... indeed.  It's interesting in that I am sure IOS encrypts ... so evidently Pegasus can decrypt.  Amazing, I would say.

  • Most Valued Members
Posted
5 hours ago, WacoJohn said:

Thank you for the input.  After posting, I later learned it is only for IOS devices(?).  I guess there aren't many Android devices in Saudi Arabia.  At any rate, saw another program (60 Minutes?) about the Pegasus company.  You are right ... HIGHLY secretive.  We will probably never know ... indeed.  It's interesting in that I am sure IOS encrypts ... so evidently Pegasus can decrypt.  Amazing, I would say.

The thing is nothing can ever be guaranteed to be 100 percent safe. I remember an apple fan I used to know who was basically the definition of a fan boy. When i told him there would be bugs, security issues etc. And thus that's why they release patches he basically said there wasn't as the last patch sorted them and denied there where viruses even though you can buy AVs.

To me if there are no bugs at the moment its because they have not been found. Some companies actually buy vulnerabilities and there is a market for them sadly. So while alarming something like this isn't surprising

  • ESET Moderators
Posted

Hello,

NSO Group, is the company which is reportedly the developer of the Pegasus, if this Wikipedia article is to be believed: https://en.wikipedia.org/wiki/NSO_Group.  ESET's researchers have written a few articles about it in various languages  on the WeLiveSecurity blog.

I have not looked into the reporting in detail, but if the spyware installs itself on targets' devices with high enough privileges, it probably just waits until encrypted content is decrypted, and then passes those decrypted contents on to its operators.  That way, there's no need to spend any time breaking the encryption.

Regards

Aryeh Goretsky

Posted

Mr. Goretsky

Thank you for the comprehensive input.  I think you are very probably correct.  I apprecieate your  knowledge.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...