Pegasus Project

Q. What year is it?
A. 1984

“Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.”


“which the company insists is only intended for use against criminals and terrorists.”

“The phone number of a freelance Mexican reporter, Cecilio Pineda Birto, was found in the list, apparently of interest to a Mexican client in the weeks leading up to his murder”

I wonder if GrapheneOS is vulnerable to Pegasus.

Only way to know is figuring out how it gets on the target’s phone.

I see they cover it in Wikipedia

Pegasus’ iOS exploitation was identified in August 2016. Arab human rights defender Ahmed Mansoor received a text message promising “secrets” about torture happening in prisons in the United Arab Emirates by following a link. Mansoor sent the link to Citizen Lab, who investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it

1 Like

Probably a similar story for android. I never re-locked my bootloader after installing LineageOS I bet that makes things easier…

The malware is targeted for Android and iOS. One would assume the phone has been jailbroken to put GrapheneOS on the device.

I guess I am pretty safe as now I mostly use my Windows Phone, and Linux based OS PinePhone.

All the more reason for us to work towards open source phone OS on open hardware asap, in my opinion. Phone’s the obvious way to invade privacy for those who want to do that :frowning:

1 Like

Yes; as a community we must support open source phone OS development.

Problem is open source has been criticized. I was reading despite open source projects being open source, not many are really auditing the code for exploits. The reason many exploits have been uncovered is not because of someone auditing, then reporting result, but because someone did audit the code, then saw a way to exploit it, then actually did it.

1 Like

I recently watched a review of a windows phone as it holds up in 2020. It looks pretty good actually, I’d consider buying one though I worry about it’s longevity if carriers start phasing out 3G. Yet another means of forcing us to throw away good electronics.

I generally despise using a phone for doing most things. Its just not productive for me. Checking email is one thing but by the time I’m done typing anything I’m angry lol. It’s keyboard-rage I guess.

I’d amost prefer to carry a netbook and connect a pinephone as a cellular modem.

If it is vulnerable, then that vulnerability is getting under the radar of many privacy and security advocates as many of them rely on GrapheneOS – namely M. Bazzell. I’ll be looking forward to his next podcast as I’m sure he will address the subject head on. One thing for sure is that he will be promoting the Faraday Bag.

You must be referring to the old version of Windows Phone. versions 7, 8, and 8.1 had serious issues. One of them is you could not even out your own software on them unless you registered the device for “Developer Mode.” Since that has been shuttered, I know of no other way to get software on them. Also, access to the Microsoft Store has been cut off.

However, with version 10, many things changed. You can still add your own software to it, and ones which are still available on the Windows Store. For some reason, many companies pulled their software off there, or if they did not, used special ports for their service only for windows phone. Services like Yelp, PayPal, LinkedIn and a few others no longer will connect.

However, there is still Telegram, Viber, Skype and a few others still working fine.Even open source SIP client Linphone is available.

You can Also you can get plenty of the phones with LTE.

I beleive the last WIndows phones ever made was the HP Elite X3 (2019?) , and one by HTC which included a VR headset. I think there was also one made by some company in the UK around the same time for the UK market as Windows Phone was very popular there.

Yes, it was one of the older versions. I haven’t seen a Windows phone in the wild since 2009 and I haven’t seen one at a kiosk for almost as long. I’ll check out those models.

The bootloader is relocked by default after installing GrapheneOS.

Sorry, it was not an HTC, but a Alaatel OneTouch Idol 4S.

Myself, I have a Alcatel One Touch Fierce XL. It seems to be getting worn out as it is getting painfully slow. I will probably look for the HP one

But it seems the malware unlocks it.

The news about this are incredible. Makes me wonder why I still use a smartphone. Maybe I should get out my old Nokia from the drawer but then those phones have their own issues and no encrypted communications.

I dug up an old Sony flip phone from years ago to take on a trip because the battery lasted so much longer. The battery was completely dead, wont charge and I’m pretty sure the SIM card is different now. They used to be bigger I think.

The future lies in open source. A phone with its innards open for everybody to see. Hard and software. This is the only way, i think, to know that there’s no foul play.
Like a fairphone with graphene, or ubtouch, or something similar. Everything should be accessible and subject to scrutiny.
Now to find somebody to build such a thing… :slight_smile:
Ofcourse, this doesn’t rule out that bad actors like these guys will try to infect your phone, but it’s a step in the right direction.

I definitely agree with the need for more auditing; that way holes can be plugged even if those with malicious intent are going through the code too.

1 Like