Jump to content

NSO and Pegasus back in the spotlight


NewbyUser

Recommended Posts

  • Most Valued Members
4 hours ago, NewbyUser said:

What I find funny is the people behind pegasus keep saying this person and this person etc. weren't being tracked by the software and the next thing they say they don't have access to customer data so can't see who/what their customers are spying on, which contradicts the previous statements 

Link to comment
Share on other sites

  • ESET Insiders

I see them the same as the passwordrevealor guy, designing something to hack, but NSO gets a pass because they do it for "law enforcement and national security"  

Link to comment
Share on other sites

the world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware pegasus made by NSO from israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc.

from all accounts, it is now becoming clear that the two primary operating systems on phones, android & ios by google & apple have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide.

my question is, as a responsible antivirus vendor, will eset ever be able to protect the users from such illegal intrusions ? is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs".

phones, especially the smart phones are are no longer secure, but the stunning silence of all AV vendors is even more cause for concern.

Link to comment
Share on other sites

  • Most Valued Members
5 hours ago, sanjay mehta said:

the world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware pegasus made by NSO from israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc.

from all accounts, it is now becoming clear that the two primary operating systems on phones, android & ios by google & apple have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide.

my question is, as a responsible antivirus vendor, will eset ever be able to protect the users from such illegal intrusions ? is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs".

phones, especially the smart phones are are no longer secure, but the stunning silence of all AV vendors is even more cause for concern.

The first problem is nothing can ever be 100 percent secure. AVs will protect people to a degree but they are limited like everything.

The other problem is finding these backdoors and proving government and the vendors themselves knew about them. Then there's the legal issues if AVs where to openly blame someone.

Link to comment
Share on other sites

  • 3 weeks later...

The problem is that the major smartphone vendors have created their devices to be black boxes. We need new hardware and Free Software (different than open source) on mobile devices, which allow auditing of the device. Amnesty International's write up on this strain of the Pegasus Malware (which exposed the recent activity by NSO group) says that a major problem is it is extremely hard to audit both Android and iOs. If you can't audit the expected vs actual behavior of a device, you have no means to detect malware.

Amnesty International released their Mobile Verification Toolkit which can help check for IOCs and other indicators from backups or complete filesystem dumps, which you can check out on github here: https://github.com/mvt-project/mvt

We need more projects like this that empower end users to inspect the behavior on their device.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...