๐Ÿ‘Ž Zero Click

Pegasus has proved that the only way to ensure phone security is by not having a phone | Yet another billionaire goes to space

๐Ÿ‘Ž Zero Click
What happens when your Pegasus is left unchecked

Hello readers and welcome to the distributed ledger of ideas...

This week was something I could have done without ๐Ÿ‘Ž. Why?

  • Pegasus is a majestic flying horse, but also... a very bad thing that happened that I will talk more about shortly.
  • Jeff Bezos went into space and didn't die, the cunt
  • Twitter might get downvotes, which is great because the inventor of Dogecoin is downvoting cryptocurrency altogether.

๐Ÿช Fuck you, Earth

On Tuesday, master expansionist Jeff Bezos went on a joyride to space in his new billionaire capsule. Remember: Richard Branson did the same thing last week, but it wasn't 'real' space because it was too close to Earth. Branson's voyage took 90 minutes, whereas Jeff's one only took 11 minutes? Even though he went 'deeper' into space? How?

My answer: who cares. These are the important questions:

How many items does an Amazon warehouse worker need to scan in 11 minutes so they don't get fired? The answer is around fifty-five, and if you do this you're probably suffering from repetitive strain.

How many times does Jeff Bezos need to go into space? The answer is 0; he's a billionaire... he doesn't 'need' to do anything. Lest we forget his unhealthy obsession with expanding the human race to a trillion humans, so that we may have "1,000 Mozarts and 1,000 Einsteins", which is the most neoliberal reason to do anything; it's almost as if he wants to produce humans who, in turn, can produce entertainment (Mozarts) and ideas (Einsteins) for him โ€” galvanised by the customer-centric, instant-gratification of Amazon's well-oiled logistics machine.

His optimism sickens me. Humans are terrible and everyone on Earth is miserable. But fine! Go and colonise space!

๐Ÿ” Right let's get this whole Pegasus thing out of the way...

More than one of you have asked me if I'm writing about the big Pegasus scandal that's been affixing itself to our newsfeeds this week. The answer is: well I fucking have to now that you've asked that, don't I?

ICYMI, what is Pegasus: it's a piece of spyware (like Audacity ๐Ÿ˜‰), made by an 'Israel' based 'cyber intelligence' company called NSO Group. Once Pegasus gets on your phone, it can control your camera and microphone, read and copy data, and destroy your life (it has already done this to 37 people of note).

Not to be alarmist but: it's quite literally one of the most aggressive and covert pieces of spyware out there... that we know of ๐Ÿ˜ณ. But don't worry! Typical targets tend to be prominent journalists, activists, and anyone who opposes powerful governments in any way shape or form. So if you're a very quiet person who never expresses their opinion online, in group chats, or in private IRL interactions, OR you 100% agree with whatever government is in charge of you, you're probably fine. But destroy your phone just to be safe x

When you visit the NSO Group website, you'll notice that the copy and design screams 'government contracts are the only things that get me hard now, please help'. ย So hopefully it shouldn't take you long to form an opinion of them...

If you feel like you haven't read enough about Pegasus yet but don't know where to start, I suggest the following three things:

The Guardian wrote a very clear, not that long, explanation on what Pegasus does. Some key things to pull out:

  • One of the reasons why Pegasus is so effective is because it's almost tailor-made for the kinds of targets that an NSO Group client will want to attack. The founder of Telegram is probably not susceptible to the average phishing scam.
  • So, instead of asking you to click on a shady link, the software can exploit other vulnerabilities with no action needed from the user.
  • That is why this kind of attack is called โ€˜zero clickโ€™ โ€” if you do get a dodgy SMS, you don't need to click on a link for Pegasus to nestle its way into your phone... just receiving the text is enough.

This CNN piece focusses less on how Pegasus works, and more on the actual events of the story. In here it gives you bits of the statement that NSO Group made on Sunday after this all exploded.

  • Here's one thing they blurted out: "[The NSO Group] goes not operate the system and has no visibility to the data." A completely irrelevant statement meant to deflect blame to the people who were literally using the tool for what it was designed for...
  • They also said they would investigate "all credible claims of misuse and take appropriate action based on the results". Okay but... surely any use of technology like this should be considered 'misuse' because technology like this should simply BE NOT ALLOWED ANYWHERE.

Then, if you want something very in depth and technical, look at Amnesty International's forensic analysis of how Pegasus infiltrates systems. Key threads to grasp:

  • The NSO Group say that Pegasus is completely untraceable, and only used to catch criminals or terrorists. Amnesty have disproved both of these statements because, obviously, it has now been traced, and human rights activists don't really fit into the (very stupid) category of 'criminals and terrorists'.
  • โ€œPegasus can do more than what the owner of the device can do.โ€ said Claudio Guarneiri, who led this security team โ€” yikes.
  • Pegasus doesn't even stay on phones anymore; it lives in the memory, so it disappears as soon as someone turns their phone off
  • The latest compromised phone they found was "a fully patched iPhone 12 running iOS 14.6 in July 2021." Apple really REALLY have some explaining to do.

Right so, the way I see it, two problems exist now:

  1. For humanity: technology like Pegasus exists, and it is used by governments
  2. For The NSO Group: they got caught, and now their client base will probably change (i.e. get smaller...)

Which problem do you think we will address first? ๐Ÿคช

๐Ÿคนโ€โ™€๏ธ Other tasty lozenges for your tired, Friday brain

๐Ÿ• The human-shaped turd who invented DogeCoin went on Twitter and complained about how cryptocurrency is a hyper-capitalistic technology that amplifies wealth by helping people avoid tax and enforcing artificial scarcity. Okay well... thank you for adding to that I guess??

๐Ÿ›ฐ๏ธ There's going to be wooden satellites in space, I read on a site called Defense One (I honestly have no idea how I got there, leave me alone). These are better because they burn up and disappear once they're spent, thus not adding to the ever expanding halo of space junk around Earth.

โฌ‡๏ธ Twitter are testing a downvote button: maybe you've seen this already, but it looks like there are three versions which you can see here. These will only go on replies, but will not be displayed publicly so be prepared for a lot of screenshots. Personally I preferred calculating the people's distaste for a reply by looking at the like-to-reply ratio, but I'm old fashioned.

Ah, you've made it to the sweaty under-carriage of this week's post. Thank you for taking the time to read โ€” I promise you it took me 823750237329 times longer to write, so consider throwing money at me to make me feel better about that fact. Thank you!

โœจDo you disagree with me? Have something to add? Wanna just vent about how software is eating the world? โ†’ Email me or get me on Twitter.