A question about Pegasus
grarpamp
grarpamp at gmail.com
Sun Aug 9 03:41:31 PDT 2020
On 8/9/20, Stefan Claas <sac at 300baud.de> wrote:
> after watching Mr Snowden's YouTube video and reading the following
> article,
> I was wondering if a factory reset and a new SIM card would be good enough,
> or should a compromised mobile device no longer been used and instead one
> should buy a new one with a new SIM card?
>
> https://www.youtube.com/watch?v=wltrint1JrA
> https://tech.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware
Assume that malware can exploit phone to write
itself to flash in way that persist beyond "factory reset".
Many phones ship from factory with malware already
loaded in form of branded manufacturer and/or carrier apps,
and various other "partner" and sketchy / unknown crap.
Reset does not remove those either.
Assume States, carriers, stingrays, SDR's can all track a
phones IMEI and SIM and do baseband / SMS control attacks OTA.
Consider at least iOS or AndroidOne.
See also non iRoid feature / flip phones.
Then your own stripped android compile install, no Gapps, etc.
Then Purism / Librem style phones running Linux / BSD.
Then laptops... voice apps, p2p overlays.
Then SDR phones, RF comms.
Then no phones.
Or just get rid of the State, and don't buy from Corps
selling closed / insecure garbage.
Depending on your threat case, some of those may
be enough to help avoid new phone / SIM.
> gopher://iria2xobffovwr6h.onion
More information about the cypherpunks
mailing list