[HN Gopher] Pavel Durov listed in leaked Pegasus project data
___________________________________________________________________
Pavel Durov listed in leaked Pegasus project data
Author : elies
Score : 126 points
Date : 2021-07-21 14:23 UTC (8 hours ago)
(HTM) web link (www.theguardian.com)
(TXT) w3m dump (www.theguardian.com)
| lootsauce wrote:
| Pretty tired of seeing people surprised and concerned when they
| get a look at how the sausage is made like this. Bill Binney in
| 2002 and Edward Snowden in 2013 should have disabused us all of
| any pretense of order and justice in this system.
|
| World governments, Big Tech be like: "We are shocked, shocked! to
| find back doors and spying in here!"
|
| The two work in tandem to facilitate the needs of each other.
| This is just the new military industrial complex for an age of
| hybrid war. Not going away any time soon, no matter how we feel
| about it.
|
| As pointed out in another post today "A key product of ubiquitous
| surveillance is people who are comfortable with it" [1] All of
| the revelations with no recourse or reform lead to what we have
| now, everyone assumes big brother is watching and that's just how
| big brother wants it.
|
| [1] https://news.ycombinator.com/item?id=27904820
| shoto_io wrote:
| Yes. People don't know and most don't care.
|
| For example, the EU parliament has just recently passed
| legislation to allow _"providers of e-mail and messaging
| services to automatically search all personal messages of each
| citizen for presumed suspect content and report suspected cases
| to the police."_
|
| Most people I talk to don't know about this. When they hear it,
| they're in shock. And then go on living their lives. It's
| really very intangible to most people.
|
| Source: https://www.patrick-breyer.de/en/chatcontrol-european-
| parlia...
| shekhirin wrote:
| Durov's post from his Telegram channel (https://t.me/durov):
|
| The phones of 50,000 individuals, including human rights
| activists and journalists, have been targeted by surveillance
| tools that were used by numerous governments. These tools can
| hack any iOS and Android phone, and there is no way to protect
| your device from it. It doesn't matter which apps you use,
| because the system is breached on a deeper level.
|
| According to the Snowden revelations from 2013, both Apple and
| Google are part of the global surveillance program that implies
| that these companies have to, among other things, implement
| backdoors into their mobile operating systems. These backdoors,
| usually disguised as security bugs, allow US agencies to access
| information on any smartphone in the world.
|
| The problem with such backdoors is that they are never exclusive
| to just one party. Anybody can exploit them. So if a US security
| agency can hack an iOS or Android phone, any other organization
| that uncovers the backdoors can do the same. Unsurprisingly, this
| is exactly what has been taking place: an Israeli company called
| NSO Group has been selling access to the spying tools that
| allowed third parties to hack tens of thousands of phones.
|
| Since at least 2018, I have been aware that one of my phone
| numbers was included in a list of potential targets of such
| surveillance tools (although a source from the NSO Group denies
| it). Personally, I wasn't worried: since 2011, when I was still
| living in Russia, I've got used to assuming that all my phones
| were compromised. Anyone who gains access to my private data will
| be utterly disappointed - they will have to go through thousands
| of concept designs for Telegram features and millions of messages
| related to our product development process. They won't find any
| important information there.
|
| However, these surveillance tools are also used against people
| far more prominent than me. For example, they were employed to
| spy on 14 heads of state. The existence of backdoors in crucial
| infrastructure and software creates a huge challenge for
| humanity. That's why I have been calling upon the governments of
| the world to start acting against the Apple-Google duopoly in the
| smartphone market and to force them to open their closed
| ecosystems and allow for more competition.
|
| So far, even though the current market monopolization increases
| costs and impedes privacy and freedom of speech of billions,
| government officials have been very slow to act. I hope the news
| that they themselves have been targeted by these surveillance
| tools will prompt politicians to change their minds.
| fsflover wrote:
| If you want to fight the Apple-Google duopoly, consider
| GNU/Linux smartphones Librem 5 and Pinephone.
| c7DJTLrn wrote:
| Sorry, but Linux phones are a joke. The sad reality is that
| there is nothing on the market today that provides the
| security most of us here want.
| Y_Y wrote:
| I love my PinePhone but I can't run WhatsApp on it. I suppose
| I could use an emulator, but it's slow enough already.
| eingaeKaiy8ujie wrote:
| You shouldn't use WhatsApp. It's a product of a spyware
| company.
| Y_Y wrote:
| Haha, you're right about that. It's the only method of
| communication with many people and businesses around
| here. Which puts it roughly on a par with the old-
| school phone network, except that has an oligopoly of
| spyware companies.
| fsflover wrote:
| This is a typical problem with the proprietary apps: they
| can dictate to you how you must run them. Not a fault of
| Pinephone. By the way, Librem 5 is significantly faster.
| zeropoint46 wrote:
| Just curious if maybe you or anyone else knows. Are
| alternative OSes such as lineage, postmarketOS,
| copperheadOS, etc. safe from this exploit?
| eingaeKaiy8ujie wrote:
| GrapheneOS is an Android distribution focused on security
| and it's likely to protect you from this. Read this Twitter
| thread https://twitter.com/GrassFedBitcoin/status/141683606
| 91237847....
|
| >GrapheneOS is heavily focused on security enhancements
| making exploitation significantly harder:
|
| >grapheneos.org/features
|
| >Those other operating systems [Calyx and Lineage] don't
| improve resistance against exploitation and won't provide
| more resistance against an exploit working against
| AOSP/stock.
|
| >If they specifically target GrapheneOS and put work into
| adjusting their exploit chains and finding new bugs as
| necessary, then they could certainly develop an exploit
| working against GrapheneOS. Costs will be higher and
| they'll usually need to specifically take it into account.
|
| >Firmware exposed to remote attack surface like the radios
| (Wi-Fi, Bluetooth, cellular, NFC) and GPU is generally a
| lot harder to exploit than the OS and those components are
| isolated. It's much rarer and generally involves using an
| OS exploit to bypass the component isolation.
|
| >Nearly all of these exploits are memory corruption bugs.
| GrapheneOS does actually provide hardening for firmware
| through attack surface reduction including the LTE only
| mode and other features. It can't directly harden firmware,
| but it can avoid exposing as much attack surface.
|
| >So, for example, with the GrapheneOS 4G only mode enabled,
| vulnerabilities in 2G, 3G and 5G are not usable to exploit
| the cellular radio, only those exposed by 4G.
|
| >The radio firmware also does have substantial hardening
| and internal sandboxing, but GrapheneOS can't improve it.
|
| >GrapheneOS also fortifies the OS against exploitation by
| an attacker that has gained code execution on a component
| like the GPU or radio.
|
| >Main hardening we provide is for the most common path of
| exploiting an RCE bug in userspace and then exploiting the
| kernel to escape sandbox.
|
| GrapheneOS runs only on Pixel phones which have great
| hardware security.
|
| Also, DON'T USE CopperheadOS:
| https://grapheneos.org/history/copperheados
| [deleted]
| beagle3 wrote:
| Likely not; they might be, by chance - but the exploits
| are often for bugs in places like media parsing libraries
| (e.g. jpeg decoder), which are not usually modified in
| those alternatives.
|
| Different compile settings might render an exploit
| ineffective. But I'd expect any remotely popular Android
| derivative (e.g. lineage) to be tested by the attacker -
| and even postmarketOS, which is not Android based, is
| likely to use some of the same media parsing libraries.
| kaba0 wrote:
| GNU/Linux doesn't even have a notion of security let alone
| having anything comparable to even backdoored android/ios.
|
| I think your best bet would be a Pixel phone with GrapheneOS,
| though I'm not sure whether it was affected here.
| fsflover wrote:
| Their security model is more reasonable in my opinion:
| https://news.ycombinator.com/item?id=27908661
| kaba0 wrote:
| Hardware kill switches are unfortunately pretty much
| useless. For camera it's okay, but a tape is just as
| good, for microphone, even the gyrosensors can record
| voice in some quality. And here is the big thing: there
| is hardly any threat model where blocking the camera
| would help when the software stack is a burning pile of C
| buffer overflows from top to bottom. If you can't trust
| the software to such a degree, then you might as well
| just not turn on your device. Seriously, what's up with
| the linux userspace where goddamn gnome initial setup is
| a C program?! Like, we were okay with lisp code decades
| ago in more serious things, and nowadays we actually have
| memory-safe languages with very close to native
| performance.
|
| But the biggest problem is the lack of sandboxing, and
| UNIX permissions are way too crude to be of any use. The
| attacker at worst can't install a video driver, but can
| easily add anything to your bashrc, or read the content
| of your browser's cache, etc.
| fsflover wrote:
| > for microphone, even the gyrosensors can record voice
| in some quality
|
| Turning off all three kill switches kills all sensors.
|
| Concerning the problem with the C code, yes. But it's the
| same problem as with Apple, trillion-dollar company.
| kaba0 wrote:
| You are right, but Apple does try to rewrite most things
| in memory safe languages and have been doing so for quite
| some time now. So it is not exactly GNU/Linux.
| gnufx wrote:
| I agree about ambient authority etc., but I'm typing this
| in a sandbox which doesn't allow access to .bashrc. (I'm
| sure it's not perfect.)
| kaba0 wrote:
| I'm no security researcher so do correct me if I'm wrong
| but I assume you use firejail which is a suid program - a
| bug here could cause an escape to even become root. And
| why would you write a sandbox in a memory safe
| language...
| csydas wrote:
| >> Personally, I wasn't worried: since 2011, when I was still
| living in Russia, I've got used to assuming that all my phones
| were compromised.
|
| I know it's fun to slam on Telegram (and for sure its
| encryption has flaws, I really don't think anyone denies this),
| but everyone needs to understand the mindset of Durov and what
| I'm guessing is the mindset of Russian-born Telegram
| developers: your phone can be compromised, and easily at that.
|
| I think this is something very important for everyone to
| remember when the discussion of encryption and messaging comes
| up.
|
| The level of encryption in transit doesn't matter if your
| adversary has full access on your phone that can just
| screenshot and pull local messages of whatever they want.
|
| NSO's ridiculousness hopefully has made it very clear that it
| doesn't matter which phone/OS you're using; full access to your
| phone is a salable item for basically anyone with the interest
| in having it, and this is only the software we know about.
|
| Journalists, activists, or even just someone looking for a fun
| weekend is at risk with modern phones and messaging; it does
| not matter about tapping the communication in-between if they
| can just screenshot/copy your phone on the fly.
|
| Be careful about what you use your phone for.
| shantara wrote:
| In my previous job I have worked for a company that developed
| enterprise focused encrypted chat apps. When interviewing
| potential hires, one of the first general questions we asked
| was to give a high-level list of possible attack vectors on
| an installed app and its user data. Very few developers even
| considered the OS and device themselves as a potential
| threat, despite these interviews taking place well after
| Snowden revelations.
| djanogo wrote:
| He pivoted the NSO group targeting to Apple-Google discussion,
| with out any proof that Apple had anything to do with Pegasus.
|
| He wants biggest American companies that world has ever had to
| open source and lose all the edge against rest of the world,
| but he runs closed source proprietary server software which he
| wants people to use for secure communication.
| tester34 wrote:
| >He wants biggest American companies that world has ever had
| to open source and lose all the edge against rest of the
| world
|
| if software is the edge, then it's not solid, imo.
|
| I thought US edge was capital, skilled people who can create
| insane stuff quickly and engineering culture that enables
| them
| coolspot wrote:
| Apple is known to hand off whole China iCloud to CCP.
|
| Also they refuse to zero-knowledge (e2e) encrypt US iCloud
| backups[1].
|
| In San Bernardino shooter's case, they refused FBI's request
| to develop new tools to hack an already locked iPhone.
|
| However I have little doubt they will refuse to sign&push OTA
| update of a Signal.app or "improved" iOS developed and
| provided by NSA.
|
| Mercenary who helped Carlos Ghosn, recalled that in the
| middle of operation, while riding a train, his iPhone
| suddenly rebooted and started an iOS update[2]:
|
| --
|
| On the train, Taylor's phone began an unexpected automatic
| software update. "The first thing I thought was, I wonder if
| the NSA knows," he recalls. "I wouldn't put anything past
| them."
|
| --
|
| [1] - https://blog.elcomsoft.com/2021/01/apple-scraps-end-to-
| end-e...
|
| [2] - https://www.vanityfair.com/news/2020/07/how-carlos-
| ghosn-esc...
| holmesworcester wrote:
| > with out (sic) any proof that Apple had anything to do with
| Pegasus.
|
| Um, bundling a messaging app that parses feature-rich
| messages sent from _anyone in the world_ using a memory-
| unsafe language and abusing DRM laws intended for anti-piracy
| protection to *ensure that no one can uninstall it from their
| phone* doesn't count as proof that Apple had something to do
| with Pegasus?
|
| Yes, Durov's assertion that the bugs NSO exploited were
| intentionally left there by Apple at the behest of US
| intelligence agencies is presented without proof, and while
| conceivable is very unlikely [1].
|
| But his assertion that monopoly practices by Apple had
| something to do with the Pegasus hacks is perfectly accurate
| given that Messages is insecure, forcibly bundled, and was in
| fact how many journalists and human rights defenders were
| hacked.
|
| Durov's point that "it doesn't matter what apps you have
| installed on your phone" is especially depressing and a
| direct result of Apple's use of DRM to prevent users from
| uninstalling Messages. It would be nice if people could
| install Messages from their iPhones right now. Thanks to
| Apple, they can't.
|
| [1] Not because Apple wouldn't do it if pressured (we know,
| for instance, that they caved to such pressure on iCloud
| encryption) but merely because there are likely so many
| vulnerabilities to find that the chances NSA, Apple, and NSO
| were all aware of the same vulnerabilities are very low.
| igorzx31 wrote:
| He's a Russian stooge. I wonder how Putin feels about end to
| end encryption?
| [deleted]
| underseacables wrote:
| I'm bothered by this Pegasus thing, does anyone have a link to
| the raw data? I don't like getting an interpretation of something
| through the news media anymore. Rather, I don't trust the news
| media to provide an accurate or even an honest analysis, and from
| what I can tell the Pegasus data as it's called, seems to be
| something that only the media has access to.
| TechBro8615 wrote:
| Isn't the raw data just a list of phone numbers? What would you
| do with that without further compromising the privacy of the
| people behind them?
| boomboomsubban wrote:
| There are security and privacy reasons not to publicly dump
| leaks like this, and the distrust of the media should be
| somewhat offset by multiple outlets analyzing the data
| separately.
|
| That said, I'm unsure how the media could twist "x country
| spied on y individual." Knowing the types of people being spied
| on, it should be assumed most people of similar importance are
| being spied on by someone.
| underseacables wrote:
| I take your point, but what echoes in my mind is when the
| Hillary emails were leaked, and people like Van Jones were
| saying no you're not allowed to look at that, but we the
| media, we are allowed to look at that. They could redact
| information, but I lament that my trust in the media is so
| low that I cannot fully trust it without seeing the raw data
| myself. Even having that raw data available would give me
| more confidence in the reporting.
| kjaftaedi wrote:
| What are you going to do with the phone numbers of 50,000
| important individuals?
|
| What sort of cost-benefit analysis are you doing that makes
| you think your right to see other people's PII trumps their
| privacy?
| boomboomsubban wrote:
| If you had access to the data, how would you verify that
| Durov's number was listed? Then what confidence would that
| give you? Trusting an anonymous leak more than the media
| who vetted the data seems misguided.
| igorzx31 wrote:
| The indications are on GitHub if you want to check your phone.
| klyrs wrote:
| https://github.com/AmnestyTech/investigations/tree/master/20.
| ..
___________________________________________________________________
(page generated 2021-07-21 23:01 UTC)