this post was submitted on 16 Aug 2024
649 points (98.9% liked)
Technology
58303 readers
10 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I want my phone to be more like a computer and install what I want on it. But, I recognize the walled App Stores has maybe protected the common folks from turning our cellular network into a large, out of control, botnet.
With that said, I recognize computers exist. I guess I just hope it’s done with thought and care.
For what it’s worth, both Android and iOS are vulnerable to zero click RCEs, see NSO Group and their Pegasus spyware.
One of the reasons we don’t really have zombie phones in botnet swarms is because selling the RCE on the grey market is way more lucrative than burning it to infect some devices for a botnet since phones are way more attractive targets than computers if you’re actively targeting an individual.
A fully compromised smartphone is will give access to practically all of a target's communications: their phone calls, SMS messages, encrypted text messaging (Signal/WhatsApp/iMessages) and probably their email as well. You will also gain access to a good portion of their web browsing, and their is a very good chance you will gain access to their 2FA as well (Authenticator application or SMS) allowing you to further easily compromise any of their online accounts. Plus, you gain access to any files on their phone (which are often very good kompromat if your goal is to blackmail), their live location and the ability to spy on them covertly through the camera and the microphone.
Compare that to a laptop. You gain access to some of their web browsing, some files (often only professional in nature), and maybe access their camera and microphone some of the time, since the laptop isn't always on and beside you.
Not really. Tons of apps are such bad quality, I'm actually wondering if there's more shit in the app stores than anywhere else...