incredible,-terrifying-and-without-possible-defense-(until-now):-this-is-how-google-project-zero-qualifies-the-'exploit'-of-pegasus-against-the-iphone

Incredible, terrifying and without possible defense (until now): this is how Google Project Zero qualifies the 'exploit' of Pegasus against the iPhone

Incredible, terrifying and defenseless possible (so far): this is how Google Project Zero qualifies the & # 039; exploit & # 039; of Pegasus against the iPhone

Hello, Welcome to the RockedBuzz.com News site! I will present you all the details of Incredible, terrifying and defenseless (so far): this is how Google Project Zero rates the & # 039; exploit & # 039; of Pegasus against the iPhone here.

Incredible, terrifying and defenseless possible (so far): like this Google Project Zero rates the & # 039; exploit & # 039; Pegasus vs iPhone

Incredible, terrifying and defenseless (so far): this is how Google Project Zero rates the & # 039; exploit & # 039; of Pegasus against the iPhone We have explained the details of the news, step by step, below. Incredible, terrifying and defenseless (so far): this is how Google Project Zero rates the & # 039; exploit & # 039; of Pegasus against the iPhone Keep reading our news. Here are all the details on the subject.

Incredible, terrifying and defenseless possible (so far): this is how Google Project Zero rates the & # 039; exploit & # 039; Pegasus vs iPhone

We’ve known for a while one of the most devastating exploits on an iPhone: ForcedEntry. The way that the well-known Pegasus malware has to sneak in and spy on political dissidents, government officials or journalists. Now, Google Project Zero has been able to analyze this exploit in more detail: “one of the most technically sophisticated exploits we have ever seen” .

An exploit that only iOS protects us from 15.two

First the good news: updating our iPhone to iOS 15. 2 we are safe from this exploit as it is clear from the security updates that Apple has released for this update. The other good news, before going any further, is that this software is not directed at us unless we have an important public office or are a high-level journalist or political dissident, to give a few examples.

Pegasus , which uses the ForcedEntry exploit to sneak into an iPhone, It is worth thousands of dollars and only is sold to states as an anti-terrorism tool . To be more correct we must say that it was “sold” because, the company behind these attacks, the NSO Group is close to bankruptcy after the commercial exclusion of the United States and the Apple demand .

In terms of security there are two maxims that we should keep in mind: “Let us always keep our devices updated” and “There is no system 100% sure”. We are referring to the second when, from Google Project Zero, they affirm that this is “one of the most technically sophisticated exploits that we have ever seen and that it is at the level of attacks by the spies of the most advanced nation-states “.

An attack at the level of attacks by the spies of the most advanced nation-states.

In its latest version, this exploit didn’t even require any clicks. It took advantage of iMessage’s way of interpreting GIF files to open a malicious PDF using a compression tool that processes the text for optical character recognition, into which malware sneaks. Just the same explanation, without going into technical details, gives us an idea of ​​the complexity of this attack .

Once the input is obtained, a kind of virtual machine is created that isolates itself from external servers to avoid being detected while accessing the content of the device. Come on, a nightmare for people whose privacy is essential to maintain their own security .

“You can’t create a back door only for the good guys”

Luckily, Apple has been able to patch the systems and have closed the door to this kind of attack. Forever? Well, as we said, there is no system of the attackers. For now, looking at the financial situation of the NSO group, we could breathe easy, but the truth is that security must continue to evolve to keep us protected .

Tim Cook said it a few months ago: “You can’t create a back door only for the good guys” . If, without artificially weakening the system, we can see these kinds of attacks, we should be clear that we must go towards greater security, not less. In this sense, Apple is beginning to notify the owners of the affected phones so that they can take the relevant actions.

As our phones become more and more the center of our entire lives, attacks against the information they contain become more sophisticated and the protections against them evolve. For now iOS 039. 2 is a guarantee, but we will be pending.

Image | Franck