Vault of Knowledge - A place where I take notes

T

Toggle Directory Tree Pane

Toggle Table of Contents Pane

x

Retro Emulation

Money

Image Colour Appearance Models

Printers

Sound Engineering

Metaphysics

Combustion

Aeronautical Engineering

Astronautical Engineering

Vehicles

Abstractions of Electronics Engineering

Strength to Weight Ratio

Mechanical Manufacturing

VPS Security

Generative Modelling Language

Flutter Tools

Chrome Extensions

AR Frameworks

NumPy
SciPy

RAID

GNU's Not UNIX

Smartphones

Temperature

Spintronics

Dynamic Range

Standards Organizations

Placeholder Note

Placeholder Note

India Pakistan Current Affairs

Russo-Ukraine Conflict

Why Conservative Arguments are Loaded

Index of Studying Social Problems

Trying to Understand Family Trees

Placeholder Note

Knitting and Crocheting

Do Martial Arts Like Tai Chi Work

Sailing

Scuba Diving

Audiophile Stuff

Timeline of Geological History

Using Jira

For Visual Content

Home / 🗃️ unorganized / general notes / Pegasus Spyware

Pegasus Spyware

Pegasus Spyware
More References

It's an Israeli tracking software that tracks people by leveraging loopholes in proprietary modem firmware.

Exploits like this are possible due to the regulatory authorities fooling people and keeping them under blinds.

Closed source baseband firmware
Tivoized open baseband firmware with unpatchable loopholes
Non-isolated basebands
Non-removable smartphone batteries

More References

NSO Group Page: https://www.nsogroup.com/
The Guardian News Report linked by FSF: https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones
Analysis linked by FSF: https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf

Note

This is what media shows you, but reality is much simpler than this. They are just making you look at the wrong angles. The truth is, regulatory bodies demand that you should have closed source firmware for cellular radio modems. In the best cases, like for example, an amateur radio project, the radio is supposed to be "Tivoized", meaning while one can see the firmware used, they won't be able to modify or patch it, even to fix any visible vulnerabilities.

By having such vulnerabilities, with simple technologies, one can easily hack the devices of users. Secondly, such radios are often not isolated from the CPU, in which case, even if one flashes an entirely open source operating system, with even ignoring the radio part, the radio will function it's own because it has direct access to the CPU, and we cannot turn it off. This makes it the textbook definition of a tracking device.

Left-click: follow link, Right-click: select node, Scroll: zoom

x