this post was submitted on 28 Apr 2024
389 points (83.6% liked)

Technology

58011 readers
3117 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
389
Stop Using Your Face or Thumb to Unlock Your Phone (gizmodo.com)
submitted 4 months ago by [email protected] to c/[email protected]
239 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 4 months ago (1 children)

Nothing in your links above indicate that the spyware operates while the phones are powered off (although I relied on a crappy translation of the French). Could spyware mock the shutdown process so that it looks like the phone is powered off while the phone is actually running? Sure it can, but the victim will be tipped off when the phone's battery is being drained even while it is "shut off". (And someone who is paranoid enough to shut down their phone would pay attention to that.) . It seems like it's not worth the effort.

[–] merde 1 points 4 months ago* (last edited 4 months ago) (1 children)

read, listen to people that were spied on using the pegasus software. Easy to find

i don't know if you've met any real activists, militants in your life but they're rarely geeks. And checking the battery of their phone or reading about battery life isn't one of their priorities

[–] [email protected] 1 points 4 months ago (1 children)

Yes, info on Pegasus is easy to find. And never says Pegasus is active when the phone is powered off. It's undetectable and insidious in what it can grab, but at no point is there any reference at all to being active while the phone is powered off.

https://en.m.wikipedia.org/wiki/Pegasus_(spyware)

If you have a reference that states otherwise (that isn't written by an AI), please supply it. I'll be happy to give up on this if someone can prove their point.

And that is because it is way too easy to detect when the phone is off, not only because of the battery drain, but because the radios would be transmitting when they shouldnt . Plus, persisting across a reboot requires some trace of the Trojan to be on physical storage, which is more likely to be found on a scan.

I am assuming that when a state-level actor is hacking a phone, they are targeting a person directly, and know how to get the Trojan on undetected. Their main goal will be to continue to siphon data off it while it is in use. It's not worth the risk of detection to track it while it is off (and not being used, after all.) Don't you think they would prefer to use the same method they used the first time to infect the burner phone that's actually being used?

[–] merde 1 points 4 months ago* (last edited 4 months ago)

back in the loop ☞ https://lemmy.world/comment/9738706

have a good day