Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Sold To Governments Helped Them Spy on iPhones (washingtonpost.com)

Posted by msmash on from the big-brother dept.

One of the world's most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor's note: the link could be paywalled, here's an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target's mobile phone, was responsible for the intrusions. The NSO Group's software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.The Washington Post reports that these "zero-day" flaws were previously used by the governments to take over victims' phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. "Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars."

6 of 31 comments (clear)

  1. Richard Stallman right again by JoeyRox · · Score: 5, Insightful

    Every time Richard talks about closed-source phones being used to surreptitiously track users' movements, take photos, and listen in on their conversations he sounds like a madman. But he's right.

    1. Re:Richard Stallman right again by NatasRevol · · Score: 2

      Well, with open source phones, you don't have to do that surreptitiously.

      --
      There are two types of people in the world: Those who crave closure
  2. The tipping point by npslider · · Score: 2

    The more we depend on technology, the more vulnerable we become to those that use it to erode our freedoms and privacy. I enjoy the benefits of using technology, it has made many things more convenient, and has also stolen more of my time than I care to admit...

    It seems though, that now, no matter where you are, and who you are, the leash attached to our connected technology is tied to an increasingly meaner and nastier junk yard dog that is very hungry.

  3. Apple Just Released an Update to Address This by lawyer+boy · · Score: 2

    http://arstechnica.com/apple/2...

    1. Re:Apple Just Released an Update to Address This by lawyer+boy · · Score: 2

      The summary didn't have a link to the update and the FA had the update information several paragraphs down from the top. I just wanted to highlight the fact that an update was out there and link to a short announcement that had the relevant information. I did not offer any commentary or complaint as to bias or quality re: the summary.

  4. Re:One word: Replicant by farble1670 · · Score: 2

    "Replicant is a fully free Android distribution running on several devices ...

    Several? Wow.

    Curious though how you think the fact that it's OSS means it won't have any zero day flaws. Because, the OSS community is spending it's nights and weekends statically analyzing this particular OSS project?

    Some (3-D graphics acceleration, GPS) are just not supported. (Use 2-D graphics and, if you really want your phone to know where you are, a plugin GPS device based on a different chip.) GPS is not supported because the phone's GPS chip also requires a proprietary CPU-land driver, which is an open-source no-no.

    No 3-d graphics? No GPS? Plugin a GPS dongle? The awesomeness continues.