Pegasus attacks

Hi,

In Poland we recently suffered a series of “Pegasus” attacks targeted at the government opposition. I would like to know from @Manoj or anybody else from @support if /e/OS can be prone to Pegasus attacks. And if so, how to toughen our devices against it?

PS I know there was a topic about it, but it was closed.


You can find the response here …/e/ OS aims to make the Android OS free from the data mining of MNCs like Google. If you are being targeted by some Government agency, then maybe /e/ is not the operating system for you.

@Manoj

Whether I am being currently targeted is beside the point - I just want to know if /e/OS is vulnerable to those attacks and if /e/ foundation is planning to harden the system against them?

Kind regards,
Adrian.

It seems the most promising approach would be to harden yourself as a user, because on Android users seem to be most at risk by user interaction (following malicious links, giving consent to root permissions) or by not installing security updates in a timely manner once they are available …

https://theconversation.com/how-does-the-pegasus-spyware-work-and-is-my-phone-at-risk-164781

1 Like

You might find this document interesting:

Take for example CVE-2019-2215, used in the wild first by the same group.
DivestOS had all devices mitigated against it a year beforehand thanks to kernel hardening.
To date, many ROMs including stock or Lineage and any derivatives (i.e. /e/OS) are still vulnerable to it.

If they are still vulnerable to an issue discovered over two years ago then what about all of the other security issues found over the years?

DivestOS directly patches on average many hundred known security issues per device through the automated kernel patcher I’ve developed since 2017.
Everyone is welcome to use it: GitHub - Divested-Mobile/CVE_Checker: A tool for downloading, checking, and applying (CVE) patches to a repository.

Even then DivestOS likely would not be secure against such a targeted attack.

Your best chance would be with a device running GrapheneOS, while maintaining the assumption that any data on it can be had if you believe you might be targeted by such an adversary.

But you should also note that these vulnerabilities, after they are known, end up used in malware.
That same CVE-2019-2215 was recently used in a malware campaign:

At the end of the day it is best you only keep a device that is actively patched against known issues.

4 Likes

This topic was automatically closed after 15 days. New replies are no longer allowed.