{"id":45598,"date":"2021-10-24T12:25:39","date_gmt":"2021-10-24T19:25:39","guid":{"rendered":"https:\/\/www.politicsplus.org\/blog\/?p=45598"},"modified":"2021-10-24T12:25:39","modified_gmt":"2021-10-24T19:25:39","slug":"everyday-erinyes-289","status":"publish","type":"post","link":"https:\/\/www.politicsplus.org\/blog\/2021\/10\/24\/everyday-erinyes-289\/","title":{"rendered":"Everyday Erinyes #289"},"content":{"rendered":"

Experts in autocracies have pointed out that it is, unfortunately, easy to slip into normalizing the tyrant, hence it is important to hang on to outrage. These incidents which seem to call for the efforts of the Greek Furies (Erinyes) to come and deal with them will, I hope, help with that. As a reminder, though no one really knows how many there were supposed to be, the three names we have are Alecto<\/strong><\/span>, Megaera<\/span><\/strong>, and Tisiphone<\/span><\/strong>. These roughly translate as “unceasing,” “grudging,” and “vengeful destruction.”<\/p>\n

We’ve talked a great deal here about technology used by governments to spy on its citizens. This article is a bit of an update on some of the latest technology. “Pegasus” – it sounds so benign, doesn’t it? Images of unicorns and My Little Ponies come to mind. And I won’t even go so far as to say “This is the dark side,” because this technology can definitely be used for good. (Don’t you just wish it were being used right this moment to track Bannon? And a few choice others?) But it wll never be used effectively for good as long as it is being used by people who think they can tell a “bad guy” by looking at someone.
\n================================================================<\/p>\n

What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets\u00a0in<\/h1>\n
A woman holds a phone in front of the office of NSO Group, which makes a tool that can see and hear everything a phone is used for.
\nJack Guez\/AFP via Getty Images<\/a><\/span><\/figcaption><\/figure>\n

Bhanukiran Gurijala<\/a>, West Virginia University<\/a><\/em><\/p>\n

End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients\u2019 phones, which means anyone who intercepts the messages in between can\u2019t read them. Dropbox, Facebook, Google, Microsoft, Twitter and Yahoo are among the companies whose apps and services use end-to-end encryption<\/a>.<\/p>\n

This kind of encryption is good for protecting your privacy, but governments don\u2019t like it<\/a> because it makes it difficult for them to spy on people, whether tracking criminals and terrorists or, as some governments have been known to do, snooping on dissidents, protesters and journalists. Enter an Israeli technology firm, NSO Group<\/a>.<\/p>\n

The company\u2019s flagship product is Pegasus, spyware<\/a> that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems<\/a> and turn them into surveillance devices. The company says it sells Pegasus only to governments<\/a> and only for the purposes of tracking criminals and terrorists.<\/p>\n

How it works<\/h2>\n

Earlier version of Pegasus<\/a> were installed on smartphones through vulnerabilities<\/a> in commonly used apps or by spear-phishing<\/a>, which involves tricking a targeted user into clicking a link or opening a document that secretly installs the software. It can also be installed over a wireless transceiver<\/a> located near a target, or manually if an agent can steal the target\u2019s phone.<\/p>\n

\"Close-up<\/a>
Pegasus can infiltrate a smartphone via the widely used messaging app WhatsApp without the phone\u2019s user noticing.<\/span>
\nChristoph Scholz\/Flickr<\/a>, CC BY-SA<\/a><\/span><\/figcaption><\/figure>\n

Since 2019, Pegasus users have been able to install the software on smartphones with a missed call on WhatsApp<\/a>, and can even delete the record of the missed call, making it impossible for the the phone\u2019s owner to know anything is amiss. Another way is by simply sending a message to a user\u2019s phone that produces no notification.<\/p>\n

This means the latest version of this spyware does not require the smartphone user to do anything. All that is required for a successful spyware attack and installation is having a particular vulnerable app or operating system installed on the device. This is known as a zero-click exploit<\/a>.<\/p>\n

Once installed, Pegasus can theoretically harvest any data<\/a> from the device and transmit it back to the attacker. It can steal photos and videos, recordings, location records, communications, web searches, passwords, call logs and social media posts. It also has the capability to activate cameras and microphones for real-time surveillance without the permission or knowledge of the user.<\/p>\n

Who has been using Pegasus and why<\/h2>\n

NSO Group says it builds Pegasus solely for governments to use in counterterrorism and law enforcement work. The company markets it as a targeted spying tool to track criminals and terrorists and not for mass surveillance. The company does not disclose its clients.<\/p>\n

The earliest reported use<\/a> of Pegasus was by the Mexican government in 2011 to track notorious drug baron Joaqu\u00edn \u201cEl Chapo\u201d Guzm\u00e1n. The tool was also reportedly used to track people<\/a> close to murdered Saudi journalist Jamal Khashoggi.<\/p>\n

It is unclear who or what types of people are being targeted and why. However, much of the recent reporting<\/a> about Pegasus centers around a list of 50,000 phone numbers. The list has been attributed to NSO Group, but the list\u2019s origins are unclear. A statement from Amnesty International in Israel stated that the list contains phone numbers<\/a> that were marked as \u201cof interest\u201d to NSO\u2019s various clients, though it\u2019s not known if any of the phones associated with numbers have actually been tracked.<\/p>\n

A media consortium, the Pegasus Project<\/a>, analyzed the phone numbers on the list and identified over 1,000 people in over 50 countries. The findings included people who appear to fall outside of the NSO Group\u2019s restriction to investigations of criminal and terrorist activity. These include politicians, government workers, journalists, human rights activists, business executives and Arab royal family members.<\/p>\n

Other ways your phone can be tracked<\/h2>\n

Pegasus is breathtaking in its stealth and its seeming ability to take complete control of someone\u2019s phone, but it\u2019s not the only way people can be spied on through their phones. Some of the ways phones can aid surveillance and undermine privacy<\/a> include location tracking, eavesdropping, malware<\/a> and collecting data from sensors.<\/p>\n

\"An<\/a>
Law enforcement agencies use cell site simulators like this StingRay to intercept calls from phones in the vicinity of the device.<\/span>
\nU.S. Patent and Trademark Office via AP<\/a><\/span><\/figcaption><\/figure>\n

Governments and phone companies can track a phone\u2019s location by tracking cell signals from cell tower transceivers and cell transceiver simulators<\/a> like the StingRay<\/a> device. Wi-Fi and Bluetooth signals can also be used to track phones<\/a>. In some cases, apps and web browsers can determine a phone\u2019s location.<\/p>\n

Eavesdropping on communications is harder to accomplish than tracking, but it is possible in situations in which encryption is weak or lacking. Some types of malware can compromise privacy by accessing data.<\/p>\n

The National Security Agency has sought agreements with technology companies under which the companies would give the agency special access into their products via backdoors<\/a>, and has reportedly built backdoors on its own<\/a>. The companies say that backdoors defeat the purpose of end-to-end encryption<\/a>.<\/p>\n

The good news is, depending on who you are, you\u2019re unlikely to be targeted by a government wielding Pegasus. The bad news is, that fact alone does not guarantee your privacy.<\/p>\n

[Understand new developments in science, health and technology, each week.<\/em> Subscribe to The Conversation\u2019s science newsletter<\/a>.]\"The<\/p>\n

Bhanukiran Gurijala<\/a>, Assistant Professor of Computer Science & Information Systems, West Virginia University<\/a><\/em><\/p>\n

This article is republished from The Conversation<\/a> under a Creative Commons license. Read the original article<\/a>.<\/p>\n

================================================================
\nAlecto<\/strong><\/span>, Megaera<\/span><\/strong>, and Tisiphone<\/span><\/strong>, beside the fact that there is no microchip small enough to go through a needle of the size used to deliver the CoViD vaccine, isn’t it ironic – or wouldn’t it be ironic if irony were still alive – that anti-vaxxers carry cell phones with them everywhere they go?<\/p>\n

The Furies and I will be back.<\/p>\n","protected":false},"excerpt":{"rendered":"

Experts in autocracies have pointed out that it is, unfortunately, easy to slip into normalizing the tyrant, hence it is important to hang on to outrage. These incidents which seem to call for the efforts of the Greek Furies (Erinyes) to come and deal with them will, I hope, help with that. As a reminder, […]<\/a><\/p>\n","protected":false},"author":8,"featured_media":40592,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[3729,4684,4681,4683,4682],"class_list":["post-45598","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-politics","tag-furies","tag-pegasus","tag-spyware","tag-surveillance","tag-tracking","category-5-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"_links":{"self":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts\/45598","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/comments?post=45598"}],"version-history":[{"count":0,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts\/45598\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/media\/40592"}],"wp:attachment":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/media?parent=45598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/categories?post=45598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/tags?post=45598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}