• Russia appears to be targeting journalists with spyware known as Pegasus.

  • Pegasus is a “zero-click” software, hacking phones by sending texts that don’t need to be opened.

  • The software has targeted dozens of journalists, activists, and politicians in recent years.

  • @drcobaltjedi@programming.dev
    link
    fedilink
    English
    51 year ago

    Ye, it’s a real thing. A quick google search for the term “companies that buy software exploits” lead me to the following real companies that will buy exploits you find; zerodium, offensive cyber, and vupen. In fact, zerodium currently has a $400,000 bounty for an exploit for microsoft outlook. It’s very useful for say something like a government to know about these hacks in case say they want to hack someone. For example stuxnet was written by the US to fuck with Iranian centrifuges.

    Pegasus isn’t just a single exploit. It uses many and every patch to an OS doesn’t fix every single exploit so there’s always another way Pegasus can break into the system. Also, do you think that with every update to iOS the developers are rewriting their entire code base? I’ve written lots of updates for my software and I almost never scrap the entire thing when I need to do rewrites.

    Again, Apple, a 2 TRILLION dollar company, can only fix exploits they know exist.

    • masterofn001
      link
      fedilink
      English
      -1
      edit-2
      1 year ago

      Again, with 2 trillion dollars, I’d fucking hire every hacker, grey, black, white, and red hat, every security expert, every current and former intelligence agent, consultant, pundit, engineer, 7 year old prodigy, AI, and the corpse of Steve Jobs to fix a problem that essentially makes any and all security features null and void.

      But, that’s just me.

      I’m not a shareholder grasping at my 96 cent dividend over the safety and lives of people.

      And even after spending all that, I’d still have 2 trillion because that is an insane figure that is so big it would pay 10 million people 200k. Surely enough to fix the problem.