Defending Against Spyware Like Pegasus
This has been a busy week for security news, but perhaps the most significant security and privacy story to break is how NSO Group's Pegasus spyware has been used by a number of governments to infect and spy on journalists, activists and even heads of state by sending an invisible, silent attack to their iPhones that requires no user interaction. We have had customers ask us about this incident and whether our hardware would be vulnerable, so instead of writing a lot of individual replies, I figured it was better to go ahead and publish something on how we approach defending against spyware in general.

Most vendors want all security outsourced to them, so you become fully dependent on and locked into them for security. In the name of security, phone vendors already have remote control over their customers' phones, and some also use this capability to spy on their customers.

Another problem phones face with spyware is that the entire platform has been designed to collect user data. My post "Snitching on Phones that Snitch on You" describes many of the ways we protect users from data collection, and includes a section on how to use the OpenSnitch tool to monitor all traffic leaving your device so you can more easily detect when spyware is trying to phone home.

Security measures on most phones are focused more on keeping the customer in and competitors out.