A question about Pegasus
Stefan Claas
sac at 300baud.de
Sun Aug 9 04:22:17 PDT 2020
grarpamp wrote:
> On 8/9/20, Stefan Claas <sac at 300baud.de> wrote:
> > after watching Mr Snowden's YouTube video and reading the following
> > article,
> > I was wondering if a factory reset and a new SIM card would be good enough,
> > or should a compromised mobile device no longer been used and instead one
> > should buy a new one with a new SIM card?
> >
> > https://www.youtube.com/watch?v=wltrint1JrA
> > https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware
>
> Assume that malware can exploit phone to write
> itself to flash in way that persist beyond "factory reset".
>
> Many phones ship from factory with malware already
> loaded in form of branded manufacturer and/or carrier apps,
> and various other "partner" and sketchy / unknown crap.
> Reset does not remove those either.
>
> Assume States, carriers, stingrays, SDR's can all track a
> phones IMEI and SIM and do baseband / SMS control attacks OTA.
>
> Consider at least iOS or AndroidOne.
> See also non iRoid feature / flip phones.
> Then your own stripped android compile install, no Gapps, etc.
> Then Purism / Librem style phones running Linux / BSD.
> Then laptops... voice apps, p2p overlays.
> Then SDR phones, RF comms.
> Then no phones.
> Or just get rid of the State, and don't buy from Corps
> selling closed / insecure garbage.
>
> Depending on your threat case, some of those may
> be enough to help avoid new phone / SIM.
Thanks a lot for your advise, much appreciated!
I will study the options.
Regards
Stefan
--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion
More information about the cypherpunks
mailing list