this post was submitted on 28 Apr 2024
388 points (83.4% liked)

Technology

59669 readers
2928 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] merde@sh.itjust.works 1 points 7 months ago* (last edited 7 months ago) (1 children)

let's put aside everything @Aceticon@lemmy.world wrote you; if the French state was trying to legalize exactly this, it must be possible: la validation pure et simple de l’activation à distance des fonctions de géolocalisation de téléphone et autres objets connectés (voiture, balises airtag, montre etc) qui repose exactement sur le même procédé technique que le dispositif censuré : la compromission d’un périphérique, en y accédant directement ou par l’intermédiaire d’un logiciel espion pour en prendre le contrôle à distance.

source

wasn't the scandal about the Pegasus spyware all about this imperceptibility?

[–] dhork@lemmy.world 1 points 7 months ago (1 children)

Nothing in your links above indicate that the spyware operates while the phones are powered off (although I relied on a crappy translation of the French). Could spyware mock the shutdown process so that it looks like the phone is powered off while the phone is actually running? Sure it can, but the victim will be tipped off when the phone's battery is being drained even while it is "shut off". (And someone who is paranoid enough to shut down their phone would pay attention to that.) . It seems like it's not worth the effort.

[–] merde@sh.itjust.works 1 points 7 months ago* (last edited 7 months ago) (1 children)

read, listen to people that were spied on using the pegasus software. Easy to find

i don't know if you've met any real activists, militants in your life but they're rarely geeks. And checking the battery of their phone or reading about battery life isn't one of their priorities

[–] dhork@lemmy.world 1 points 7 months ago (1 children)

Yes, info on Pegasus is easy to find. And never says Pegasus is active when the phone is powered off. It's undetectable and insidious in what it can grab, but at no point is there any reference at all to being active while the phone is powered off.

https://en.m.wikipedia.org/wiki/Pegasus_(spyware)

If you have a reference that states otherwise (that isn't written by an AI), please supply it. I'll be happy to give up on this if someone can prove their point.

And that is because it is way too easy to detect when the phone is off, not only because of the battery drain, but because the radios would be transmitting when they shouldnt . Plus, persisting across a reboot requires some trace of the Trojan to be on physical storage, which is more likely to be found on a scan.

I am assuming that when a state-level actor is hacking a phone, they are targeting a person directly, and know how to get the Trojan on undetected. Their main goal will be to continue to siphon data off it while it is in use. It's not worth the risk of detection to track it while it is off (and not being used, after all.) Don't you think they would prefer to use the same method they used the first time to infect the burner phone that's actually being used?

[–] merde@sh.itjust.works 1 points 7 months ago* (last edited 7 months ago)

back in the loop ☞ https://lemmy.world/comment/9738706

have a good day