[iw] - How does Apple technology hold up against NSO spyware?

Richard Forno rforno at infowarrior.org
Mon Jul 19 08:17:41 EDT 2021

How does Apple technology hold up against NSO spyware?

It is one of the technological battles of the 21st century – in which every mobile phone user has a stake.

In one corner, Apple, which has more than a billion active iPhones being used across the world. In the other, companies such as Israel’s NSO Group, developing spyware designed to defeat the most sophisticated security and privacy measures.

And while Apple says it is keeping pace with surveillance tools that are used to attack its phones – it boasts of creating “the most secure consumer platform in the world” – research undertaken as part of the Pegasus project paints a more worrying picture.

The malware, it appears, has been one step ahead.

That, at least, is the conclusion of new technical research by Amnesty International, which suggests that even the most up-to-date iPhones running the latest operating system have still been penetrated by NSO Group’s Pegasus spyware.

This has led to some people’s mobiles being turned into portable surveillance devices, giving complete access to numbers, text messages, photos. Everything.

The disclosure points to a problem security researchers have been warning about for years: that despite its reputation for building what is seen by millions of customers as a secure product, some believe Apple’s closed culture and fear of negative press have harmed its ability to provide security for those targeted by governments and criminals.

“Apple’s self-assured hubris is just unparalleled,” said Patrick Wardle, a former NSA employee and founder of the Mac security developer Objective-See. “They basically believe that their way is the best way. And to be fair … the iPhone has had incredible success.

“But you talk to any external security researcher, they’re probably not going to have a lot of great things to say about Apple. Whereas if you talk to security researchers in dealing with, say, Microsoft, they’ve said: ‘We’re gonna put our ego aside, and ultimately realise that the security researchers are reporting vulnerabilities that at the end of the day are benefiting our users, because we’re able to patch them.’ I don’t think Apple has that same mindset.”

The concern about the vulnerability of mobile devices is one aspect highlighted by the Pegasus project, a collaborative journalism investigation coordinated by Forbidden Stories.

< - >


More information about the Iw mailing list