this post was submitted on 19 Jul 2021
-2 points (41.7% liked)
Privacy
31946 readers
636 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Also make sure to power down your devices regularly as to flush the temporary memory (provided the hard drive is not infected)
Malware usually does not sit in RAM, but internal storage. What you are suggesting is likely runtime or unpacking code style attacks. Those are different, and protection against them is easier as user has to manually install and run such apps on Android.
One of the articles about it (I think from The Guardian) said that it can run in RAM which was one thing making it harder to detect. It said that it was present until a reboot.
It is a common practice that if your phone has been left unattended and is out of your sight and is within reach of suspicious or legal criminal authorities, when you return, restart it. I thought it would be clear to people.
It would be better to rephrase my statement as nothing persisting in RAM if you turn off its power or the device that has RAM.
If Pegasus required physical access to your device that would be relevant. However, it's installed through several other means and according to articles I've read can live in RAM. So restarting regularly despite never having an unattended device seems prudent.
Code cannot persist in RAM and survive power loss. The only way that is possible for RAM to have that code persistently is that the code is stored on disk storage, and the code gets copied over to RAM upon each reboot.
No one is arguing that RAM is persistent after reboots..
@yxzi 's original comment suggested regularly restarting your device, which coincincides with the assessment that Pegasus can live in RAM. I see it as nothing but great advice and I can't figure out why it illicited your responce in a post created by you about "staying safe from Pegasus."
edit: a few letters
Pegasus does not live in RAM. Pegasus is copied from disk storage to RAM each time, so it cannot be persistent by design of RAM. If Pegasus is getting detected into your RAM, there are bigger problems than a mere restart of your device.
My post is not making me respond because I want to argue needlessly, but because the problem might be more severe. A restart of phone after your phone has been out of sight is a good measure, but if after repeated restarts it is found there, that is what I was pointing out.