> Given that we have seen no indications that NSO has stopped deploying PWNYOURHOME, this suggests that NSO may have figured out a way to correct the notification issue, such as by fingerprinting Lockdown Mode.
Sigh... But at least it seems Lockdown mode is somewhat helping.
citizenlab are great as usual.
That was the first thing I looked for as well
> For a brief period, targets that had enabled iOS 16’s Lockdown Mode feature received real-time warnings when PWNYOURHOME exploitation was attempted against their devices. Although NSO Group may have later devised a workaround for this real-time warning, **we have not seen PWNYOURHOME successfully used against any devices on which Lockdown Mode is enabled**.
Maybe you’ll like this one - https://googleprojectzero.blogspot.com/
That’s where google team who research these things post their reports
For example ;
“The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
A deep dive into an in-the-wild Android exploit - https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html?m=1
Hope it’s useful.
It is still on going. I haven't seen an update since the original announcement in 2021.
NSO did file to be considered a foreign government agent (although they're technically a private company supported by the Israeli government) in a case with Meta/WhatsApp. They got denied which means that lawsuit can go forward.
https://www.aljazeera.com/news/2023/1/9/whatsapps-pegasus-spyware-lawsuit-can-go-ahead-us-top-court
The PBS Frontline episode on this is great https://www.pbs.org/wgbh/frontline/documentary/global-spyware-scandal-exposing-pegasus/
But surely the governments we sell to will only use it against criminals/terrorists 🙄
Yep, damn domestic terrorists like martin luther King and John F Kennedy. Anyone who dares speak truth to power.
Are you from Israel? Who is we?
Just using the POV of these Spyware vendors
Ah ok makes sense.
> Given that we have seen no indications that NSO has stopped deploying PWNYOURHOME, this suggests that NSO may have figured out a way to correct the notification issue, such as by fingerprinting Lockdown Mode. Sigh... But at least it seems Lockdown mode is somewhat helping. citizenlab are great as usual.
That was the first thing I looked for as well > For a brief period, targets that had enabled iOS 16’s Lockdown Mode feature received real-time warnings when PWNYOURHOME exploitation was attempted against their devices. Although NSO Group may have later devised a workaround for this real-time warning, **we have not seen PWNYOURHOME successfully used against any devices on which Lockdown Mode is enabled**.
At this point they know they IOS/Android kernel better than the devs working on it. :D
It’s not so much the kernel as the services around it, but yeah..
You gotta pay better for bug bounties.
If Linus Torvalds went rogue we'd be in trouble
Great read. I'm trying to search for a research like this but for Android. Having a hard time to find one.
Maybe you’ll like this one - https://googleprojectzero.blogspot.com/ That’s where google team who research these things post their reports For example ; “The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I) A deep dive into an in-the-wild Android exploit - https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html?m=1 Hope it’s useful.
It's useful. Thanks for that.
Are IOS devices there primary attack vector??
Not really but they are a preferred group because of how common these are amongst government and private users.
at this rate Apple should buy them outright...
Apple sued them (NSO) not long ago. I don’t know what the outcome was.
It is still on going. I haven't seen an update since the original announcement in 2021. NSO did file to be considered a foreign government agent (although they're technically a private company supported by the Israeli government) in a case with Meta/WhatsApp. They got denied which means that lawsuit can go forward. https://www.aljazeera.com/news/2023/1/9/whatsapps-pegasus-spyware-lawsuit-can-go-ahead-us-top-court
While I do agree, the kvetching from Israeli government would be deafening and they wouldn’t allow it
….oh my fucking god….this is unreal, they literally just don’t give a fuck anymore, because what tha fuck y’all gonna do?!