"Cohen (former head of Mossad) insisted that the publicly recognized success against Hezbollah was merely one element of a far wider, systematic deployment of sophisticated devices worldwide, although notably abscent in the Gaza Strip."
His claim there did not necessarily imply rigged explosives, but supply chain attacks either for surveillance or assassination purposes.
And his limiting it to "virtually every potential theater" would suggest that it's mostly present in Lebanon, Syria, Iran, Yemen, most likely Iraq as well.
But let's be honest here, this isn't civilian equipment that's been compromised. It's supply chain attacks where the buyer is manipulated into buying goods that they've tampered with, or re-engineered. They weren't pagers anyone could pick up at Radio Shack. (Everyone who got hit was a target, or a direct relative of a target.)
> limit the number of apps ... lower attack surface ... If paranoid
While true in general, super apps that do too many things and used by billions (WhatsApp, Chrome, TikTok, Instagram, CleanMaster etc) are big enough of an attack surface already.
Defenses (compile-time / runtime memory safety & control flow integrity, media coders/decoders, sandboxes, for example) are getting better & so exploits are getting expensive.
> use a different device to access suspicios apps/sites with nothing on it
While using different devices is good enough, it requires the end user to maintain strict isolation (and sometimes may require appropriate features from the OS). Using burners is an extreme version of this practice.
Burners seem extreme, but old used hardware still seems the best and only way you can sort of prove isolation on your own.
You can't trust software not to be buggy and both, hardware, and software not to be purposely compromised because "think of the children" (that the EFs proved to be BS).
I find it interesting that Apple has spun Lockdown mode from a 'we are terrible at security' into a feature for marketing.
Now when someone gets hacked Apple can say: "Well they weren't in lockdown mode, its their own fault."
Gosh I wish I was as good at marketing as Apple. They really need to sell their marketing team as a service. If they did that, I'd buy their stock outright.
hmmmmmmmmmmmmmm|13 days ago
Edit: https://news.ycombinator.com/item?id=45763674
"Cohen (former head of Mossad) insisted that the publicly recognized success against Hezbollah was merely one element of a far wider, systematic deployment of sophisticated devices worldwide, although notably abscent in the Gaza Strip."
ivl|13 days ago
And his limiting it to "virtually every potential theater" would suggest that it's mostly present in Lebanon, Syria, Iran, Yemen, most likely Iraq as well.
But let's be honest here, this isn't civilian equipment that's been compromised. It's supply chain attacks where the buyer is manipulated into buying goods that they've tampered with, or re-engineered. They weren't pagers anyone could pick up at Radio Shack. (Everyone who got hit was a target, or a direct relative of a target.)
magicalhippo|13 days ago
foolserrandboy|13 days ago
ignoramous|13 days ago
While true in general, super apps that do too many things and used by billions (WhatsApp, Chrome, TikTok, Instagram, CleanMaster etc) are big enough of an attack surface already.
Defenses (compile-time / runtime memory safety & control flow integrity, media coders/decoders, sandboxes, for example) are getting better & so exploits are getting expensive.
> use a different device to access suspicios apps/sites with nothing on it
While using different devices is good enough, it requires the end user to maintain strict isolation (and sometimes may require appropriate features from the OS). Using burners is an extreme version of this practice.
gruez|13 days ago
One of these are not like the others...
dietr1ch|13 days ago
You can't trust software not to be buggy and both, hardware, and software not to be purposely compromised because "think of the children" (that the EFs proved to be BS).
jsheard|13 days ago
https://support.apple.com/en-us/105120
PlatoIsADisease|13 days ago
I only know pegasus broke iOS.
I find it interesting that Apple has spun Lockdown mode from a 'we are terrible at security' into a feature for marketing.
Now when someone gets hacked Apple can say: "Well they weren't in lockdown mode, its their own fault."
Gosh I wish I was as good at marketing as Apple. They really need to sell their marketing team as a service. If they did that, I'd buy their stock outright.
iririririr|13 days ago
Aerbil313|11 days ago