The iPhone is not as secure as we’d like, and the Pegasus hack proved it

By Scott Marlette Last updated Jul 20, 2021

Apple’s CEO Tim Cook has been on tape many times extolling the privacy and security virtues of the iOS software and its most common carriers, the world’s iPhones. During the Facebook ad targeting debacle, Tim Cook sat down for an interview, and, when asked what he would do if he was Mark Zuckerberg now, quickly replied: “I wouldn’t be in this situation.” Pressed again, he clarified the point further: “We could make a ton of money if our customer was our product. We’ve elected not to do that.”

How secure is the iPhone?

Very, it turns out, for the aforementioned reasons, and the built-in security and privacy protections of the iPhone are certainly more robust than on your regular Android phone that is not the Freedom Phone. We kid, but even with iPhone, there are cracks in the system, whether for legal reasons, or when skilled and determined cyber security honchos are involved.

Recently, for example, Apple notified some Congressmen from the House Intelligence Committee, and their staffers as well as family members, that it has been subpoenaed by the Justice Department to deliver their records.

Still, Apple turned in metadata as well as account information, not emails, photos, or actual message content, just the minimum it is required to reveal by law, if that’s of any comfort to those that were on the receiving end of the subpoenas.

Sunday’s bombshell revelation about the Israeli company’s NSO Pegasus spyware that was supposed to help law enforcement in tracking criminals but ended up installed on the phones of dissidents, government opposition figures, human rights advocates and journalists across the globes, is a real red strobing light.

Yes, the Pegasus spyware can be installed on iPhones even if you don’t click on a link, Amnesty International reports. Its Forensic Methodology Report debunks NSO’s claims that its spyware product is exclusively used to “investigate terrorism and crime,” for instance.

Amnesty found “forensic traces left on iOS and Android devices following targeting with the Pegasus spyware” that included phones of human rights defenders and journalists alike. Surprise, surprise, even those of the targeted individuals who had iPhones weren’t safe from the so-called “zero-click” attacks that require no input from the user, so they might not even be aware they are running spyware even though they did everything right and didn’t click on any suspicious link or whatnot.

“Most recently, a successful “zero-click” attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021,” says Amnesty International’s Forensic Methodology Report which should raise the hair on the neck of anyone who thought they are safe just by using an iPhone.

These phone hacking devices or software have become somewhat of a cottage industry over in Israel, where the spycraft and its civilian applications intermingle more successfully than anywhere else, so it comes as a little surprise that the NSO Group has managed to create such a sophisticated iPhone and Android hacking platform.

In any case, Apple will probably try and plug the exploit that allowed the Pegasus spyware to be installed on its iPhones in the coming iOS updates… until the next time when another exploit is used and we only learn about it post factum.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.