this post was submitted on 19 Jul 2021
-2 points (41.7% liked)
Privacy
31946 readers
673 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Seeing this post again made me think, apart from my previous reply, about something else.
I think your "popularity of software" argument is great because it probably holds true, in that an investment in finding an exploit has larger returns if the exploitable software is widely used. But rather than thinking in terms of apps, we could think in terms of operating systems. What if the vector of infection is not an app and rather is an OS? This is perfectly possible and there are massive incentives to find such exploits since this is not app-dependent.
This means that merely using iOS or Android in any capacity (either through Lineage OS or perhaps even Replicant) could be enough for infection. And so far, not knowing what the vectors of infection are for Pegasus, this is perfectly possible.
Perhaps using Linux OS is a good idea, given it's not as popular.
Yes, I agree, but Android is sufficiently secure as Google has incentives (now even more with grifter Apple blocking others' spying to allow just theirs) to make more and more users get trapped in Google's ecosystem, plus the development is open source, due to which zero days are extremely costlier to find on Android than for iOS: https://www.wired.com/story/android-zero-day-more-than-ios-zerodium/. This also shows us closed source obscure security model failed with Apple, and even for Windows.
Also, Android is a lot easier to be able to exercise control on and lockdown, and use trusted FOSS software on.
Moreover, if you are doing mission critical work like dissent, journalism, whistleblowing and so on, phones should exclusively be used as communication tools and to click photos and so on. I have covered this in my Activist and Protestors Handbook: https://lemmy.ml/post/34220
One should definitely try and use Linux based distribution, tweaked for your own security needs, for as much work as possible in such cases.
I am having trouble with creating my Linux Hardening Guide currently, which I definitely want to try completing in its entirety like I did the Smartphone Hardening Guide. This is essential because no such guide for Linux exists that is as easy, digestible and considers a lot of things that all current guides lack. And I definitely would love to intertwine it with a new version of the Activists and Protestors Handbook.