this post was submitted on 19 Mar 2024
43 points (89.1% liked)

Privacy

31997 readers
758 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Is there a fork of Android (or a way to harden it) that locks down the OS similarly to how Apple does it?

Apple's implementation can actually protect you from commercial spyware. I'm impressed.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 8 months ago (14 children)

I'm assuming your talking about AOSP? Basically anything that's privacy or freedom oriented such as Graphene, Calyx or Divested OS.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (10 children)

Can any of them prevent a Pegasus-style attack?

If I understand correctly, Apple does it by disabling common attack vectors, remote fonts for example.

[–] [email protected] 12 points 8 months ago (7 children)

No. Even iOS (even with lockdown mode) can definitely still be hacked.

Anyone who tells you otherwise doesn't know what he's talking about.

If you're being targeted by someone with access to Pegasus-style spyware, you need more than consumer-level protection.

[–] [email protected] 0 points 8 months ago (1 children)

That's true, all devices are hackable, there's no 100% protection.
No tool is perfect, but if that's a security improvement, it might be worth enabling.

I know of at least one instance where lockdown mode protected a user from NSO spyware.
A Citizen Lab's research confirmed it:

For a brief period, targets that had enabled iOS 16’s Lockdown Mode feature received real-time warnings when PWNYOURHOME exploitation was attempted against their devices. Although NSO Group may have later devised a workaround for this real-time warning, we have not seen PWNYOURHOME successfully used against any devices on which Lockdown Mode is enabled.

It is encouraging to see that Apple’s Lockdown Mode notified targets of in-the-wild attacks. While any one security measure is unlikely to blunt all targeted spyware attacks, and security is a multi-faceted problem, we believe this case highlights the value of enabling this feature for high-risk users that may be targeted because of who they are or what they do.

[–] [email protected] 2 points 8 months ago (1 children)

I didn't say it wasn't worth enabling (FWIW I used lockdown mode in the past and now use GrapheneOS); just don't expect it to protect you from these kinds of threats. You might get lucky, but you can't rely on it (and it still might be worth it to you just based on that).

A big part of security is understanding what you're protecting against, and weighing the effect of increasing the security of your system on its usability.

[–] [email protected] 1 points 8 months ago

Clear and straightforward. Thank you.

load more comments (5 replies)
load more comments (7 replies)
load more comments (10 replies)