• rottingleaf@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    12 hours ago

    How do spyware services used by nation-state customers, like Pegasus, work?

    They use backdoors in commonly used platforms on an industrial scale.

    Maybe some of them are vulnerabilities due to honest mistakes, the problem is - the majority of vulnerabilities due to honest mistakes also carry denial of service risks in widespread usage. Which means they get found quickly enough.

    • mosiacmango@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 hours ago

      So your stance is that Google is applying self designed malware to its own services to violate its own policies to harvest data that could bring intense legal, financial and reputational harm to it as an org it was ever discovered?

      Seems far fetched.

      • rottingleaf@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        10 hours ago

        Legal and financial - doubt it. Reputational - counter-propaganda is a thing.

        I think your worldview lags behind our current reality. I mean, even in 30-years old reality it would seem a bit naive.

        Also you’ve ignored me mentioning things like Pegasus, from our current, not hypothetical, reality.

        • mosiacmango@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          32 minutes ago

          So yes.

          You think a nearly trillion dollar public company has an internal division that writes malware against flaws in its own software in order to harvest data from its own apps. It does this to gain just a bit more data about people it already has a lot of data on, because why not purposely leave active zero days in your own software, right?

          That is wildly conspiratorial thinking, and honestly plain FUD. It undermines serious, actual privacy issues the company has when you make up wild cabals that are running double secret malware attacks against themselves inside Google.