ESET Insiders NewbyUser 74 Posted July 21, 2021 ESET Insiders Share Posted July 21, 2021 Scary stuff Revealed: leak uncovers global abuse of cyber-surveillance weapon | Surveillance | The Guardian peteyt 1 Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted July 21, 2021 Most Valued Members Share Posted July 21, 2021 4 hours ago, NewbyUser said: Scary stuff Revealed: leak uncovers global abuse of cyber-surveillance weapon | Surveillance | The Guardian What I find funny is the people behind pegasus keep saying this person and this person etc. weren't being tracked by the software and the next thing they say they don't have access to customer data so can't see who/what their customers are spying on, which contradicts the previous statements LesRMed and NewbyUser 2 Link to comment Share on other sites More sharing options...
ESET Insiders NewbyUser 74 Posted July 21, 2021 Author ESET Insiders Share Posted July 21, 2021 I see them the same as the passwordrevealor guy, designing something to hack, but NSO gets a pass because they do it for "law enforcement and national security" peteyt 1 Link to comment Share on other sites More sharing options...
sanjay mehta 6 Posted July 22, 2021 Share Posted July 22, 2021 the world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware pegasus made by NSO from israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc. from all accounts, it is now becoming clear that the two primary operating systems on phones, android & ios by google & apple have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide. my question is, as a responsible antivirus vendor, will eset ever be able to protect the users from such illegal intrusions ? is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs". phones, especially the smart phones are are no longer secure, but the stunning silence of all AV vendors is even more cause for concern. NewbyUser, EnjoyBoast, peteyt and 1 other 4 Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted July 22, 2021 Most Valued Members Share Posted July 22, 2021 5 hours ago, sanjay mehta said: the world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware pegasus made by NSO from israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc. from all accounts, it is now becoming clear that the two primary operating systems on phones, android & ios by google & apple have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide. my question is, as a responsible antivirus vendor, will eset ever be able to protect the users from such illegal intrusions ? is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs". phones, especially the smart phones are are no longer secure, but the stunning silence of all AV vendors is even more cause for concern. The first problem is nothing can ever be 100 percent secure. AVs will protect people to a degree but they are limited like everything. The other problem is finding these backdoors and proving government and the vendors themselves knew about them. Then there's the legal issues if AVs where to openly blame someone. Link to comment Share on other sites More sharing options...
user209 0 Posted August 11, 2021 Share Posted August 11, 2021 The problem is that the major smartphone vendors have created their devices to be black boxes. We need new hardware and Free Software (different than open source) on mobile devices, which allow auditing of the device. Amnesty International's write up on this strain of the Pegasus Malware (which exposed the recent activity by NSO group) says that a major problem is it is extremely hard to audit both Android and iOs. If you can't audit the expected vs actual behavior of a device, you have no means to detect malware. Amnesty International released their Mobile Verification Toolkit which can help check for IOCs and other indicators from backups or complete filesystem dumps, which you can check out on github here: https://github.com/mvt-project/mvt We need more projects like this that empower end users to inspect the behavior on their device. Link to comment Share on other sites More sharing options...
Recommended Posts