cross-posted from: https://lemmy.ml/post/74540
Hello! I think it is a nice time to re-mention some 101 tips of IT security for folks here, that I also practice. Pegasus malware investigation will be big news for a good while, so the more awareness it helps spread, the better.
RULE 1
DO NOT CLICK ON RANDOM SMS AND EMAIL LINKS. Please, do not do this, ever. Just do not do it. Do not do it. Do not do it. Do not do it.
Yes, that is how many times I repeated that line. That is how important this rule is.
Also, do not download random email attachments.
Phishing is such a common tactic that one would think this problem has been solved by now, but it has not.
RULE 2
Keep OFF auto download of photos, videos, documents and so on on WhatsApp, Signal and such apps.
Drive by downloads being self executable surprise bombs is not a new thing. Basically, this rule is similar to keeping off AutoPlay for external USB sticks on Windows computers.
RULE 3
Avoid using popular software too much.
I get it, this is a hard rule to workaround considering how much we need to use WhatsApp, Signal, Telegram and so on, so it is a lot better to compartmentalise your activities among multiple messengers.
Pegasus and a lot of specialised malware uses zero-days to be able to design zero click deployment tricks, which is what these government surveillance tools are good at reserving. They use their millions of dollars of funding and R&D properly, so you have to be careful.
As an example, try to keep WhatsApp internet turned off most of the times via NetGuard, and turn it on only when needed, a good method I have earlier suggested as well in my smartphone hardening guide.
CONCLUSION
Those were some thoughts on the top of my head, before I go to sleep. Stay safe against surveillance! And feel free to ask whatever you want to!
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 84 users / day
- 537 users / week
- 1.5K users / month
- 6.58K users / 6 months
- 1 subscriber
- 2.32K Posts
- 54K Comments
- Modlog
Seeing this post again made me think, apart from my previous reply, about something else.
I think your “popularity of software” argument is great because it probably holds true, in that an investment in finding an exploit has larger returns if the exploitable software is widely used. But rather than thinking in terms of apps, we could think in terms of operating systems. What if the vector of infection is not an app and rather is an OS? This is perfectly possible and there are massive incentives to find such exploits since this is not app-dependent.
This means that merely using iOS or Android in any capacity (either through Lineage OS or perhaps even Replicant) could be enough for infection. And so far, not knowing what the vectors of infection are for Pegasus, this is perfectly possible.
Perhaps using Linux OS is a good idea, given it’s not as popular.
Also make sure to power down your devices regularly as to flush the temporary memory (provided the hard drive is not infected)
Malware usually does not sit in RAM, but internal storage. What you are suggesting is likely runtime or unpacking code style attacks. Those are different, and protection against them is easier as user has to manually install and run such apps on Android.
One of the articles about it (I think from The Guardian) said that it can run in RAM which was one thing making it harder to detect. It said that it was present until a reboot.
It is a common practice that if your phone has been left unattended and is out of your sight and is within reach of suspicious or legal criminal authorities, when you return, restart it. I thought it would be clear to people.
It would be better to rephrase my statement as nothing persisting in RAM if you turn off its power or the device that has RAM.
If Pegasus required physical access to your device that would be relevant. However, it’s installed through several other means and according to articles I’ve read can live in RAM. So restarting regularly despite never having an unattended device seems prudent.
Code cannot persist in RAM and survive power loss. The only way that is possible for RAM to have that code persistently is that the code is stored on disk storage, and the code gets copied over to RAM upon each reboot.