Both are bad no difference. Fuck world governments and especially Israel it gets to much or a pass because people conflate antisemitism and actual criticism of the state of Israel. Nothing against Jews
@@monsterhunter445 Agreed. Israel can hide behind a shield of antisemitism, despite their actions not reflecting the opinions of every jew on earth. For instance, jews represented by Neturei Karta and Satmar Hasidism.
I don't have anything to hide, I'm not paranoid. But THIS statement is the exact reason I harden my devices. From locking down ports (unless gaming) to switching to DuckDuck, to erasing all cookies on browser exit, to enabling certain practices healthy for security that people around me don't do (such as limiting my time on Google outside RUclips). There exist evil people out there who just want to hurt you. A government backdoor is an extra opportunity for them to do that.
nope its called a zero day . not everyone has the vulnerability . also governments can force and make deals with companies so that they leave special backdoors for their agents to use. like they did with intel and google and facebook etc
Reminds me how there was a big story about the NSA trying to crack an iPhone as a piece of evidence, the media reporting on the legal battles with Apple, and how Apple was using the moment to sell phones based on their security, then one day the NSA was just like "nvm fixed it" and the entire story just stopped entirely and most people don't remember it.
that wasn't the NSA, it was the FBI and apple gave them everything they asked for behind the curtains (it's apple), it was all just a big PR stunt, and they all won on it. the FBI loves it when people think they can't get into your devices, and apple gives 0 shits about your privacy, never think otherwise.
@@kix3019 They want to sell in china, so they have servers in china for data on chinese citizens, which they do have to yield to the authorities there. AFAIK no outside-china data is shared.
Just imagine being the guy setting that contract up... " so if we pay you this much every month we get access to everything we want?" " and you're only hacking the guys we want to hack right not us right?"
Reminder, Plarium, the developer of RAID: Shadow Legends and Vikings: War of Clans is located across the street from NSO Group. If you've ever installed one of those games, it seems reasonable to assume your phone already has Pegasus on it.
Your channel has sent me down quite a path. I saw one of your videos about soydevs and that sent me on a rabbit hole learning about machine code and the efficiency of different languages, which in turn made me want to learn how to do things the right way. I never got much past "hello world" before, but now I'm learning how to do gamedev as an intro to C++ and developing 3D modeling skills. It's very fulfilling and I have really been enjoying the hobby! Thank you for helping me get out of a depressive rut
@@angryteapod1765 lol, search back rooms found footage, blender really shouldn't be viewed so negatively. Yes its infamous for memes but it really is decent.
But US is not mad at Israel thou they just bought a special version called phantom to spy on their people Long gone using American only tools time to outsource stuff like this
I'll be the first to say i agree with everything mental said in the video. Encroaching shit like this absolutely brings us closer to a darker place and reduces our freedoms. But if it came down to choice, the US and other western countries are absolutely the better option in terms of *who* is spying on us. I don't want other shit head authoritarian states to use this shit; in which case they'd be using it to greater effect. My family came here for better rights and more prosperity. Atleast in these countries we can protest this shit and have change (albiet slow) via representatives. Atleast there's semblance of due process and law. That is where i can see the us gov being upset at other shithead authoritarian states using this tech for nefarious purposes. (this does not exonerate the US at all) Believe me (im from the general area of arabia) they don't care about your rights over in those other countries. Imagine giving your opinion in china, saudi arabia (stamping out democracy whenever they can :D), or russia. U guys don't realize how much freedom u have where u can actively change laws; unlike in other countries where u have to wait for generational change and hope not another moron rises to power, or through coup d'etat and again hope they are saner than the last. I preface again by saying I don't agree with any of the spying shit. U can start with good intentions but stuff like this can quickly deteriorate our freedoms depending on whos in charge at the moment. We have a good foundation here in this country, lets push for more transparency
It's going to need a trigger. If you literally aren't using your phone, nothing can happen. The most malicious (hidden) thing I can think of is a phonecall that goes to voice-mail and delivers a malicious script to the voice-mail app (theory only). The most obvious thing would be clicking on any unsecured link and downloading a worm-cookie that will infect other files with time.
@@tylerhorn3712 Well, as the name implies, it does not need the user to interact with the device, possibly (most likely) not even notifying them. The target device simply needs to be turned on and connected to the internet(?).
@@w0nder432 The difference between "click here to accept" and having a program that is allowed to send notifications immediately to the user is huge. Messenger is "essential" nowadays, so that's where I might start trying to send malicious code to a device.
@@Blankult plot twist: he doesn’t own a PC either. He’s at the library in a trench coat and cotton mask with a flash drive he plugs in to take over the computer and override everything
This kind of stuff convinces me that we need 100% open source smartphones to be the norm. AOSP is open source but there are parts of Android phones that are proprietary, from Google and from phone carriers. By having everything open source, the community can find and patch these bugs faster.
Imagine getting upset that other people use the same tool for similar nefarious purposes you use it for. Remember the Department of Justice last year labeled parents getting upset at school board meetings as "domestic terrorists" when the FBI references anything for the specific use to fight "domestic terrorism".
It goes without saying: if you're gonna commit a crime, don't bring a phone with you. Also, sometimes those companies get hacked. Keep an eye out for when that happens. Plenty of juicy stuff comes out
@@tenhundredkills but they did. When congress put measures in place to curtail spying on US citizens after the snowden backlash they just moved everything over to Israel and spy on you from there instead to bypass congress. ezpz
The only way such "breakdown" report can gain credibility is by making public the tools they use. That way they can be patched by everyone. These are vulnerabilities and it doesn't matter what they call themselves or what employs them, they are still black hats for keeping these secret.
You're right, but zero click hacks are incredibly valuable. Talking billions. No bug bounty pays enough. It's like if you found a bug in bitcoin's code that allowed you to mint unlimited coins for yourself. There's no amount of money one could pay you to disclose it, because it's literally worth infinite money. And governments basically have infinite money
Pegasus is the begining of the litteral 1984 worldwide dystopia. It just turned out that polish rulling party was using it to listen to EVERY politian in the country and even some ordinary people that dont pose any threat to the rulling party. In every part of the world we se a trend of authoritatrian governments taking over and I am sure that at this moment each governmant that can get their hamds on pegasus has a licence which is not a great thing obviousley.
EXACLTY MY THOUGHT ASWELL. and lets not forget how big the chip fab industry is in isreal all subsidized by american tax dollars. the isreali government obviously intentionally put back doors into these chips, ive thought this to be the case for years now
It’s not there. In x86 there’s a secret risc deep integration controller. You can only access it by sending it an exact byte sequence and then you have total kernel access. If you watch “god mode x86” black hat it’s all in there 👍
Israeli here, just wanted to add that we have our own scandal with NSO, turns out the police here bought the software in 2014 and was using it against activists that were labeled as "danger to democracy" in the protests that occurred last year against the government, they realized it was used against them as police would turn up on locations that were not disclosed on social media, so they started turning up without phones. Mind you a lot of this was without a warrant which is mandatory here for those uses. At first the police denied all accusations, but now they are coming back claiming that "new evidence was discovered that change the state of affairs in certain aspects". pffft. Also a hot news article here states that they also used it without a warrant in one of the cases against the former prime minister here. IMO the beginning of the end for NSO is upon us. But more like those will just pop up, it's a very profitable business mind you.
Mental Outlaw always manages to insert the best little "based" references and humor in his videos. Oh well I better stop procrastinating rooting my phone huh?
It's also concerning how the company with the biggest wallet in the world has nothing to say about this state of affairs. And continues to treat security researchers like nuisances.
We might as well pass legislation that requires all weighted metal objects to have cameras installed in them. I mean, you could kill someone with that! Do you have any idea how many people a year are killed with heavy metal objects? We have to do something to make sure that we're all safe.
Imagine the exploit be ran through something like airdrop where all they have to do is drive by your house slowly to get a signal, air drop the sploit and dip off. That’s some scary shit
There should be restrictions on government being able to use this type of thing, our greatest ally has really made an effort to sink its claws into all tech its pretty fucked.
The new ones aren't being reported because the remote no-click zero days that can give you root access on the latest devices with the latest security updates are now capable of self deleting and wiping all evidence of ever being on your device.
@@blankdragon1636 they didn’t at all. They’ve left back doors open for years (for the chinese ) and the back door iTunes bug ( for the US gov) for 3 years. WebKit also has so many bugs exploit brokers are refusing to even buy them. 200+ alone were found in a month by project zero.
Fuck this shit... This makes me want to write my own OS, modelled as a finite state automaton that is mathematically proven to work in all possible program paths like the fucking Apollo 11 guidance computer...
@@peanut3438 what do you mean "human nature"? The nature of man is a social creature who works together with his fellow man to accomplish things too big to be accomplished by an individual and increasing the overall wellbeing of oneself and one's neighbors. Why would it be a bad thing for any organization, private or public, to work towards that end?
Sad to see that my country Panama is yet involved in another controversy. While everybody is blaming just one president people in the know, understand that every single govt intervene the phones of everybody involved in politics. It is just that people want to be oblivious to it
Memory Based operating system like Tails. Use a "burner" laptop. If needed, go to random wifi locations. Use TOR / maybe a VPN if needed. Done. If you need privacy, go the extra mile. Otherwise, assume anything on a network is public info. Edit: oh, and if you need to when you rip out Tails, rip out the power plug for the burner device. If it's a laptop, manually power it off. Anything to delay examining the memory and you're good.
Man I'm Truly addicted to your videos there is so much information here that I didin't know exist You cover so much Broad topics which are very useful to know Mental Outlaw You're true Based RUclipsr
7:10 What is stopping the guy from double dipping by just pocketing the money from NSO, and then reporting the bug to Apple through a "friend" and claiming the bounty anyway.
@Gg2 Hh the fuck are you on about? im speaking on behalf of all the world, the whole world is not just the us. Im from south east europe and I dont like the west nor the east, and my country has been attacked a lot by anti-christian people, you people there in the us are safe in your little sweet lollipop bubble.
thanks man youre the best well thankfully they can legally justify this cause every citizen is clearly a threat; slavery is freedom, war is peace, ignorance is strength
NSO declared that they wont extend license for their software to the countres that are suspected for not beeing good. In other worda autoritarian countres like north korea are forbiden for buying pegasus. Joke is that only 2 countres in europe can't buy this program. Poland and Węgry (sorry forgot what this country is caled in english). Also we have big scandals whit pegasus. Somethig about spying other political groups by leading squad. Lots of trouble. And sorry for poor english.
There's also another, really bad aspect to the whole thing - national security. NSO's CEO has claimed that he has no way of checking who do his clients spy on. Yet he has also claimed that if he gets informed about misuse of their software, they have their ways to investigate. It sounds like Pegasus has a backdoor to itself built-in. This puts any government's national security at huge risk, as all it takes to backdoor i to a critical national security software is to hack into NSO, or to bribe someone who has access to the backdoors to Pegasus.
Absolutely tremendously amazing video with lots of very valuable information 'bout actual digital surveillance of the public straight from the government and digital security in general :') ⚡ a very needed video to be honest wit y'all GREAT! work, pls keep UP! wit what you're doing!
Well yeah, going against a goverment is always "self destruction". I guess the risk appears once you are so important that you make an entire organization keep an eye on you.
"They sell the software to any government or law enforcement agency that is willing to pay to use it" I cannot describe how much this upsets me. Screw them is the very least I can say.
honestly im thinking that too, i really want a linux phone anyway but this is making me genuinely consider getting a pinephone pro once im able to afford one for myself.
As a non American the simpish relationship between Americans and Israel is quite funny to me. I'm in South America, we have a very good understanding of what imperialism is, so most (I say most because low-IQ evangelicals simp for Israel for some reason) people here will call Israel for what it is.
@@lucv2234 not sure if the question "do you uncritically support the state of Israel" would get 50 percent among the voting population. the 2 big parties support it, so it doesn't matter what the people want. myths are not part of decision making process among the policy makers. it's just money and ensuring a millitary foothold in the middle east.
@Boogie Woogie yep it's even worse in those countries as it is impossible for the opposition parties or the people to compete against it. The rulers have a complete iron grip.
It seems like a good method to combat this would be to not link any of your public / private activity to your call phone service provider, so never give out your number & have a VPN enabled 24/7 to prevent leaking cell phone information to an attacker watching your activity. Most of these attack vectors seem to rely on the cell phone number itself being used in some capacity whether it's a baseband attack or something like iMessage. You could have a second cheap call & text only number in a non-android propriatary dumb phone for registering phone required accounts like Signal & just ignore entirety the phone number on your main device as if it didn't exist. Maybe with IoT on the rise we'll see the explosion of cheap data only plans that we could substitute for traditional phone plans for enhanced security.
@@akurby7244 8000 users data was breached that tied to Tracfone's mobile data service. This includes brands such as TotalWireless and more. Stuff like Name, PIN, Email, etc. were leaked. Only news article talking about this is The Verge.
Technology has become such a huge part of daily private life. Yet the ethical discussion that needs to be had on the use of that technology is still stuck in the last Millennium, the big companies and governments solved it with the usual method of "throwing money at the problem till it disappears". And honestly, the "common folks" deserve it at least somewhat the way they just let it happen. A society of people who base most of their life on technology that they don't even attempt to understand in the slightest. These people who don't care about their privacy because they have "nothing to hide", in reality this is just what they tell themselves to cope with the fact that they are so weak they would rather give up control of their life then a silly dog tongue filter. And the worst is that the majority of these people leave the minority of people who still care about the human right of privacy in solitude. This minority is left to fend for itself with nothing but willpower against authoritarian governments and megacooperrations for whom this resistance in the name of freedom is just a splinter in the eye. Keep on fighting!
Yeah this made headlines (not in mainstream media of course) when it was found that the Indian government was using this against dissenters in general. This also led to social workers and journalists being arrested on dubious legal grounds without trial.
@@Gnohio i mean they should. straight up violating the constitution would be a pretty serious accusation correct me if i'm wrong but wouldn't the us literally have to go to martial law in order for that to happen
@@amateurprogrammer25 back in the 60s the US established HUAC to target and imprison “communist sympathizers” (ie anyone that wasn’t vocally anti commie). for nothing more than statements made most of the time. We haven’t had a right to privacy since the Patriot act passed. The constitution has always been treated as flexible despite it having very clear boundaries. I want to believe these policies had purely good intentions but governments are run by individuals and there’s no way everyone involved was thinking morally when they decided to limit our rights.
I like how in the info chart of pegasus "location" is marked with a pokeball symbol. Even these professionals only associate location data with pokemon go
Lol what "greatest threat" others governments make their version of Pegasus like they're cooking bread. An example that comes to mind is China against the oyghurs 🇨🇳
surely if a phone is infected by this, it has to send data over to whoever may be spying, so in theory couldn't you use some network analysis tools, something similar to wireshark to figure out whether some packets are sent to some unidentified source?
Any backdoor used by governments can and will be used by blackhats and rival governments
Both are bad no difference. Fuck world governments and especially Israel it gets to much or a pass because people conflate antisemitism and actual criticism of the state of Israel. Nothing against Jews
@@monsterhunter445 Agreed. Israel can hide behind a shield of antisemitism, despite their actions not reflecting the opinions of every jew on earth. For instance, jews represented by Neturei Karta and Satmar Hasidism.
Any backdoor used by governments can and will be used by THAT GOVERNMENT to spy on its citizens.
I don't have anything to hide, I'm not paranoid. But THIS statement is the exact reason I harden my devices. From locking down ports (unless gaming) to switching to DuckDuck, to erasing all cookies on browser exit, to enabling certain practices healthy for security that people around me don't do (such as limiting my time on Google outside RUclips). There exist evil people out there who just want to hurt you. A government backdoor is an extra opportunity for them to do that.
nope its called a zero day . not everyone has the vulnerability . also governments can force and make deals with companies so that they leave special backdoors for their agents to use. like they did with intel and google and facebook etc
usually at the end of a video you offer us a way to avoid a vulnerability and this time we have nothing. Truly troubling times.
Easy, don't use a smartphone
@@sphereron actually watch the video to the end
Calyxos perhaps?
Use a faraday bag and camera covers
Install BSD on your phone
Reminds me how there was a big story about the NSA trying to crack an iPhone as a piece of evidence, the media reporting on the legal battles with Apple, and how Apple was using the moment to sell phones based on their security, then one day the NSA was just like "nvm fixed it" and the entire story just stopped entirely and most people don't remember it.
I mean, not a surprise, apple gives data to China constantly
that wasn't the NSA, it was the FBI and apple gave them everything they asked for behind the curtains (it's apple), it was all just a big PR stunt, and they all won on it.
the FBI loves it when people think they can't get into your devices, and apple gives 0 shits about your privacy, never think otherwise.
@@leonardonetagamer you can call me an apple shill if you want, but this sounds straight off of info wars.
@@kix3019 so constantly being proven correct?
@@kix3019 They want to sell in china, so they have servers in china for data on chinese citizens, which they do have to yield to the authorities there. AFAIK no outside-china data is shared.
I should wrap my home in tin foil to give myself the illusion that I am protected from big business and government spying.
Actually it does to a degree
youre glowing too much
It would act like a faraday cage.
That gonna make it worse
All the tinfoil. All of it. Cover the whole city!!!
Doesn't get the latest updates: gets hacked through unpatched exploit.
Gets the latest updates: hacked through supply chain attack.
Chuckles I’m in danger
You know society has gone too far when even your Israeli-based spyware needs a subscription.
Just imagine being the guy setting that contract up...
" so if we pay you this much every month we get access to everything we want?"
" and you're only hacking the guys we want to hack right not us right?"
Not even Incognito Mode can save us from this one…
You're saying that as if incognito mode did something. The illusion of privacy....
@@TaxEvasionUS incognito can only save you from your parents using the same pc catching you
@@TaxEvasionUS I think you people need to know what a joke is
@@akurby7244 No shit, you don't say?
@@TaxEvasionUS Ha! Your name is a fart...
Reminder, Plarium, the developer of RAID: Shadow Legends and Vikings: War of Clans is located across the street from NSO Group. If you've ever installed one of those games, it seems reasonable to assume your phone already has Pegasus on it.
Well if you installed Raid Shadow Legends you deserve to be hacked.
@@KonEl-BlackZero what a Chad statement.
Pure coincidence, please move along citizen.
Oh so THAT’s why Raid is being pushed so much
@@KonEl-BlackZero but they gave us a free character! 🤣
Your channel has sent me down quite a path. I saw one of your videos about soydevs and that sent me on a rabbit hole learning about machine code and the efficiency of different languages, which in turn made me want to learn how to do things the right way. I never got much past "hello world" before, but now I'm learning how to do gamedev as an intro to C++ and developing 3D modeling skills. It's very fulfilling and I have really been enjoying the hobby! Thank you for helping me get out of a depressive rut
let me guess...are you using blender?
@@angryteapod1765 blendlets back at it again
@@angryteapod1765 lol, search back rooms found footage, blender really shouldn't be viewed so negatively. Yes its infamous for memes but it really is decent.
@@angryteapod1765 what's wrong with blender?
@@seklerek nothing
I love how the US government is upset about other countries being able to do exactly what the US is doing.
Hypocrisy at its finest
US: Puts nukes in Turkey
USSR: Puts nukes in Cuba
US: wait....
But US is not mad at Israel thou they just bought a special version called phantom to spy on their people
Long gone using American only tools time to outsource stuff like this
I'll be the first to say i agree with everything mental said in the video. Encroaching shit like this absolutely brings us closer to a darker place and reduces our freedoms. But if it came down to choice, the US and other western countries are absolutely the better option in terms of *who* is spying on us. I don't want other shit head authoritarian states to use this shit; in which case they'd be using it to greater effect. My family came here for better rights and more prosperity. Atleast in these countries we can protest this shit and have change (albiet slow) via representatives. Atleast there's semblance of due process and law. That is where i can see the us gov being upset at other shithead authoritarian states using this tech for nefarious purposes. (this does not exonerate the US at all)
Believe me (im from the general area of arabia) they don't care about your rights over in those other countries. Imagine giving your opinion in china, saudi arabia (stamping out democracy whenever they can :D), or russia. U guys don't realize how much freedom u have where u can actively change laws; unlike in other countries where u have to wait for generational change and hope not another moron rises to power, or through coup d'etat and again hope they are saner than the last.
I preface again by saying I don't agree with any of the spying shit. U can start with good intentions but stuff like this can quickly deteriorate our freedoms depending on whos in charge at the moment. We have a good foundation here in this country, lets push for more transparency
Add to that how ironic it is that the United States complains about fraud in other countries' elections and you have a day's worth of eye-rolling.
Every day I am one day closer to leaving the internet and smartphones behind
You and me both.
More like everyday we are a step closer to a Black Mirror dystopia.
I already stopped using social media, close to stop using phones too
Good luck
@@ThePiones I'm with you guys.
Is a zero-click a attack that requires no victim interaction? like you are just chilling and then you get hacked if so that's very scary lol
yup. fukin scawy
Yes.
It's going to need a trigger. If you literally aren't using your phone, nothing can happen. The most malicious (hidden) thing I can think of is a phonecall that goes to voice-mail and delivers a malicious script to the voice-mail app (theory only). The most obvious thing would be clicking on any unsecured link and downloading a worm-cookie that will infect other files with time.
@@tylerhorn3712 Well, as the name implies, it does not need the user to interact with the device, possibly (most likely) not even notifying them. The target device simply needs to be turned on and connected to the internet(?).
@@w0nder432 The difference between "click here to accept" and having a program that is allowed to send notifications immediately to the user is huge. Messenger is "essential" nowadays, so that's where I might start trying to send malicious code to a device.
smartphone security is my favorite oxymoron
I've never owned a smartphone and never will. Sucks to be you, glow-bros!
To be honest, for me , if they can hack phones, they can hack PCs.
@@Blankult plot twist: he doesn’t own a PC either. He’s at the library in a trench coat and cotton mask with a flash drive he plugs in to take over the computer and override everything
I wish i were that based
@@Blankult everything can be hacked.
Gigabased
This kind of stuff convinces me that we need 100% open source smartphones to be the norm. AOSP is open source but there are parts of Android phones that are proprietary, from Google and from phone carriers. By having everything open source, the community can find and patch these bugs faster.
How would an os being open source make it any more secure? You are overestimating the robustness of software created and maintained by volunteers
@@salsamancer it's harder to implement malicious backdors in open source
@@Stszelec01 and it's easier to find vulnerabilities in open source code than closed source code.
@@BeamDeam still better that having backdors
@@Stszelec01 my argument was a argument for open source.
I meant it that the security vulnerabilities could be noticed and patched faster.
Imagine getting upset that other people use the same tool for similar nefarious purposes you use it for. Remember the Department of Justice last year labeled parents getting upset at school board meetings as "domestic terrorists" when the FBI references anything for the specific use to fight "domestic terrorism".
That's right where my mind went. Febois spying on parent using technology that cost millions of taxpayers dollars. The irony is top tier.
This "greatest threat" made NSA laugh.
Greatest ally
I think mossad out ranks nsa
No Israel is laughing.
CIA writes more code than the NSA. CIA doesn’t legally have to answer for what they do like the NSA does.
China: Preinstalls "anti-fraud" apps and check people's phone whether they have removed it secretly😉
wouldn't it be hilarious if NSO was hacked and the exploit was leaked?
Ferb, I know what we're going to do today...
Don't you fucking jinx it
That's called suicide
Then you have to live the rest of your life being a target for a group of expert professional hackers. Takes some balls.
@@son_guhun Giving me snowdin vibes
It goes without saying: if you're gonna commit a crime, don't bring a phone with you.
Also, sometimes those companies get hacked. Keep an eye out for when that happens. Plenty of juicy stuff comes out
I believe on Wikileaks are also some interesting NSA documents regarding telecommunications
USA: *hires NSO*
Also USA: "omg how could you violate American rights..."
To me, it sounds like the Alphabet Boys are just upset they didn't think of a spyware program like Pegasus first!
@@tenhundredkills but they did. When congress put measures in place to curtail spying on US citizens after the snowden backlash they just moved everything over to Israel and spy on you from there instead to bypass congress. ezpz
They aren't black hat hackers.... they're tiny hat hackers.
Kek
Underrated
Zased.
Oy vey
The only way such "breakdown" report can gain credibility is by making public the tools they use. That way they can be patched by everyone. These are vulnerabilities and it doesn't matter what they call themselves or what employs them, they are still black hats for keeping these secret.
You're right, but zero click hacks are incredibly valuable. Talking billions. No bug bounty pays enough. It's like if you found a bug in bitcoin's code that allowed you to mint unlimited coins for yourself. There's no amount of money one could pay you to disclose it, because it's literally worth infinite money. And governments basically have infinite money
Pegasus is the begining of the litteral 1984 worldwide dystopia. It just turned out that polish rulling party was using it to listen to EVERY politian in the country and even some ordinary people that dont pose any threat to the rulling party. In every part of the world we se a trend of authoritatrian governments taking over and I am sure that at this moment each governmant that can get their hamds on pegasus has a licence which is not a great thing obviousley.
Ah yes. “Fighting terrorism”
>Israeli firm
Every. Fucking. Time.
Oy vey, stop noticing things!
@@HorrorUberAlles nonsense comment
@@rishirajsaikia1323 Is it, really? think Rishiraj, think.
Search your feelings. You know it in your heart to be true.
@@HorrorUberAlles based username btw
Pegasus isn‘t the only state trojan, there are 5+ more companies that develop this spyware.
Many thanks to the merchant guild for its contribution to spyware technology
Not a coincidence
Can't help but think they are using premade backdoors in the processors "secure"enclaves as their top exploits
EXACLTY MY THOUGHT ASWELL. and lets not forget how big the chip fab industry is in isreal all subsidized by american tax dollars. the isreali government obviously intentionally put back doors into these chips, ive thought this to be the case for years now
It’s not there. In x86 there’s a secret risc deep integration controller. You can only access it by sending it an exact byte sequence and then you have total kernel access. If you watch “god mode x86” black hat it’s all in there 👍
>Israeli
Imagine my shock
Always assumed this was possible since day one.
This video gonna blow up given that India just bought it and people are not very happy I'd say.
India bought it in 2017 though
@@slay3rgamingyt no that was some collaborative program.
How do you spell your name?
@@JimboJuice what ? say it again
What? Can you repeat, please?
Israeli here, just wanted to add that we have our own scandal with NSO, turns out the police here bought the software in 2014 and was using it against activists that were labeled as "danger to democracy" in the protests that occurred last year against the government, they realized it was used against them as police would turn up on locations that were not disclosed on social media, so they started turning up without phones.
Mind you a lot of this was without a warrant which is mandatory here for those uses.
At first the police denied all accusations, but now they are coming back claiming that "new evidence was discovered that change the state of affairs in certain aspects". pffft.
Also a hot news article here states that they also used it without a warrant in one of the cases against the former prime minister here.
IMO the beginning of the end for NSO is upon us.
But more like those will just pop up, it's a very profitable business mind you.
isnotreal does not exist
Mental Outlaw always manages to insert the best little "based" references and humor in his videos. Oh well I better stop procrastinating rooting my phone huh?
so do i
Or just unlock the bootloader?
Thank you for the truth !
you're welcome
Man i feel so safe under the watchful eye of the PatriotDefender 9000!
It's also concerning how the company with the biggest wallet in the world has nothing to say about this state of affairs. And continues to treat security researchers like nuisances.
We might as well pass legislation that requires all weighted metal objects to have cameras installed in them. I mean, you could kill someone with that! Do you have any idea how many people a year are killed with heavy metal objects? We have to do something to make sure that we're all safe.
So hacking is illegal... except when done by a registered company that provides services to the government for millions of dollars
Thiago Tavares was a victim of this software. Literally a guy who tries to combat child pornography on the internet being chasen down. Really sad.
Whoevers rich enough to use Pegasus and does that clearly shows there’s a global trafficking organization that needs to get fucking blown up
You’re talking about yourself ? In third person ?
I was literally looking about this thing yesterday. Thank you for making a video on this
KILLUA?????
@@fatfurry yes
@@fantasywarrior2597 oh yeah but i hate anime. i hate it. it is cringe. it makes me wanna hate you. i hate you. /srs
Imagine the exploit be ran through something like airdrop where all they have to do is drive by your house slowly to get a signal, air drop the sploit and dip off. That’s some scary shit
Linux phones need to hurry the hell up and become viable.
For real though. I like Linux, but I could care less what exact OS it is. We just need more options. Diversify a little.
Just make your own phone from public domain patents
@@wertiaaudit5746 sarcasm?
@@seronymus what is sarcasm ?
Pinephone pro. It's a thing.
Thank you for taking the time to talk about this!
There should be restrictions on government being able to use this type of thing, our greatest ally has really made an effort to sink its claws into all tech its pretty fucked.
Your greatest ally is using you and your tax money as a fleshlight
@@kinnikuzero Exactly. It's not a patron-mandate relation, it's borderline slavery and oligarchy.
@@Wabbelpaddel well it’s deserve you white propel did a lot of bad things for us Jews through history
Time to pay back
@@ko-Daegu the flaw in your logic here: Jewish people are being screwed by this too
2:00 and Indian government used it to monitor top journalists, opposition leaders and activists.
damn zero clicks are spooky
The new ones aren't being reported because the remote no-click zero days that can give you root access on the latest devices with the latest security updates are now capable of self deleting and wiping all evidence of ever being on your device.
This is more than just US/Israeli coop. The system has already existed and in fact it has dozens of its clones.
Why would the glowbois need a phantom when they have access to the base OS install through backdoors?
I would guess appearance, having people think this agencies need some fancy tools to get inside your device
@@blankdragon1636 they didn’t at all. They’ve left back doors open for years (for the chinese ) and the back door iTunes bug ( for the US gov) for 3 years. WebKit also has so many bugs exploit brokers are refusing to even buy them. 200+ alone were found in a month by project zero.
Fuck this shit... This makes me want to write my own OS, modelled as a finite state automaton that is mathematically proven to work in all possible program paths like the fucking Apollo 11 guidance computer...
Go for it.
May the spirit of Saint Terry guide yee.
Governments aren't anybody's main concern. Private organizations are.
At least the government is "supposed" to do things for it's citizens.
It’s when they team up (not necessarily in a stated deal) that they both become an even bigger problem, fueled by human nature
@@peanut3438 true words
@@peanut3438 what do you mean "human nature"? The nature of man is a social creature who works together with his fellow man to accomplish things too big to be accomplished by an individual and increasing the overall wellbeing of oneself and one's neighbors. Why would it be a bad thing for any organization, private or public, to work towards that end?
I didn't even know this software existed. Thanks for the new information.
Sad to see that my country Panama is yet involved in another controversy. While everybody is blaming just one president people in the know, understand that every single govt intervene the phones of everybody involved in politics. It is just that people want to be oblivious to it
Panama only exist to us americans thanks to van halen
It really is them every single time
Our greatest friend. Just ask the uss liberty.
They sure can dance
Memory Based operating system like Tails.
Use a "burner" laptop.
If needed, go to random wifi locations.
Use TOR / maybe a VPN if needed.
Done.
If you need privacy, go the extra mile. Otherwise, assume anything on a network is public info.
Edit: oh, and if you need to when you rip out Tails, rip out the power plug for the burner device. If it's a laptop, manually power it off. Anything to delay examining the memory and you're good.
Man I'm Truly addicted to your videos there is so much information here that I didin't know exist
You cover so much Broad topics which are very useful to know
Mental Outlaw You're true Based RUclipsr
The subtle unibomber references placed throughout many of your videos always manage to make me crack a smile
7:10 What is stopping the guy from double dipping by just pocketing the money from NSO, and then reporting the bug to Apple through a "friend" and claiming the bounty anyway.
Probably an NDA of sorts with the deal.
If He gets payment based on time till exploit can be used, he will have a motive to not report it.
Inb4 NSO uses the exploit he taught them to hack his phone and track his activities.
@@augustday9483 Uno reverse card
Probs a gun to his head.
Man, everything just keeps getting better.
Heaven on earth. Enjoy it.
"Made by an Israeli firm"
Enough said.
The merchants guild™️ is not pleased by such statement
Dont mess with the zohan
@Gg2 Hh the fuck are you on about? im speaking on behalf of all the world, the whole world is not just the us. Im from south east europe and I dont like the west nor the east, and my country has been attacked a lot by anti-christian people, you people there in the us are safe in your little sweet lollipop bubble.
@@miljanvideo What are you even saying? Did you even read what he said?
That's it. Im developing my own compiler and OS along with my own communication protocols.
This is why I would only use a librem or pinephone running Gentoo as a phone
Gentlo hardening
And how would we do that?
Librem 5 comes with a bunch of unupdatable binary blobs. If they have exploitable security holes, you're out of luck
Everyday we have less and less privacy
thanks man youre the best
well thankfully they can legally justify this cause every citizen is clearly a threat; slavery is freedom, war is peace, ignorance is strength
the year of the linux phone can't come soon enough
NSO declared that they wont extend license for their software to the countres that are suspected for not beeing good. In other worda autoritarian countres like north korea are forbiden for buying pegasus. Joke is that only 2 countres in europe can't buy this program. Poland and Węgry (sorry forgot what this country is caled in english). Also we have big scandals whit pegasus. Somethig about spying other political groups by leading squad. Lots of trouble. And sorry for poor english.
Hungary
@@foscogrubb thanks
*proceeds to sell to all requested countries
Hmm yes I'm not going to sell my product to my biggest customers. 100% smart move ;)
Why would NK even bother? Who even has phones over there that aren't already backdoored by design?
There's also another, really bad aspect to the whole thing - national security. NSO's CEO has claimed that he has no way of checking who do his clients spy on. Yet he has also claimed that if he gets informed about misuse of their software, they have their ways to investigate. It sounds like Pegasus has a backdoor to itself built-in. This puts any government's national security at huge risk, as all it takes to backdoor i to a critical national security software is to hack into NSO, or to bribe someone who has access to the backdoors to Pegasus.
"Patriot Defender 9000" 😂😂
Absolutely tremendously amazing video with lots of very valuable information 'bout actual digital surveillance of the public straight from the government and digital security in general :') ⚡
a very needed video to be honest wit y'all
GREAT! work, pls keep UP! wit what you're doing!
Ah, the surveillance state.
Well yeah, going against a goverment is always "self destruction".
I guess the risk appears once you are so important that you make an entire organization keep an eye on you.
"They sell the software to any government or law enforcement agency that is willing to pay to use it"
I cannot describe how much this upsets me. Screw them is the very least I can say.
remember: only use phone numbers to sign up for things like signal
Oh boy, daily dose of dopamine when Kenny uploads a new video
“The patriot defender 9000” LMFAO
Wonder how Linux phones like Pinephone stand up too this?
Pegasus is really scary
hey mental outlaw do you think that a Linux phone could stop pegasus from being used? after all you said iOS and Android
I’m wondering this too
Hopefully
honestly im thinking that too, i really want a linux phone anyway but this is making me genuinely consider getting a pinephone pro once im able to afford one for myself.
I like that drawing of a flaming pegasus, take my data FEDs
As a non American the simpish relationship between Americans and Israel is quite funny to me. I'm in South America, we have a very good understanding of what imperialism is, so most (I say most because low-IQ evangelicals simp for Israel for some reason) people here will call Israel for what it is.
Could you specify what you mean by what Israel is? Genuinely curious to know
@@xinfinity4756 human parasites
Apartheid state
@@xinfinity4756 a mold on earth
@@lucv2234 not sure if the question "do you uncritically support the state of Israel" would get 50 percent among the voting population. the 2 big parties support it, so it doesn't matter what the people want. myths are not part of decision making process among the policy makers. it's just money and ensuring a millitary foothold in the middle east.
My mother-in-law works as customer service for apple and she recently had a customer who had Pegasus on their phone yesterday
So. basically throw away my smartphone but not in the ocean instead in a volcano?
10:00 the hypocrisy on that letter sounds like parody, the lack of self awareness of americans is truly amazing
The same Americans claim “private company they can do what they want” 🙄
It's called Fincklethink...
Well my country's government doesn't know how to do online shopping so they could not buy Pegasus. Plus they prob didn't have the money.
@Boogie Woogie yep it's even worse in those countries as it is impossible for the opposition parties or the people to compete against it. The rulers have a complete iron grip.
It seems like a good method to combat this would be to not link any of your public / private activity to your call phone service provider, so never give out your number & have a VPN enabled 24/7 to prevent leaking cell phone information to an attacker watching your activity.
Most of these attack vectors seem to rely on the cell phone number itself being used in some capacity whether it's a baseband attack or something like iMessage. You could have a second cheap call & text only number in a non-android propriatary dumb phone for registering phone required accounts like Signal & just ignore entirety the phone number on your main device as if it didn't exist.
Maybe with IoT on the rise we'll see the explosion of cheap data only plans that we could substitute for traditional phone plans for enhanced security.
you should make a video about the new persistent rootkits that live in bootloaders and other low level memory/firmware
Like the secret risc v architecture hidden in every single x86 processor ?
There is massive Pegasus drama in Poland about spying on politicians.
Could you possibly do a video on the recent Verizon Tracfone data breach?
What happened
oh great I'm on tracfone, not verizon though
Tracphone always being hacked
@@akurby7244 8000 users data was breached that tied to Tracfone's mobile data service. This includes brands such as TotalWireless and more. Stuff like Name, PIN, Email, etc. were leaked. Only news article talking about this is The Verge.
When malware sus:
The Israeli police used Pegasus on Israeli citizens, it was revealed like 3 weeks ago
The government: "you have right of privacy"
Also the government: "we want to see what you do everytime"
Me a Mexican knowing about the software since 2016
Thank you mental outlaw for the video I always like your content.
Technology has become such a huge part of daily private life. Yet the ethical discussion that needs to be had on the use of that technology is still stuck in the last Millennium, the big companies and governments solved it with the usual method of "throwing money at the problem till it disappears".
And honestly, the "common folks" deserve it at least somewhat the way they just let it happen. A society of people who base most of their life on technology that they don't even attempt to understand in the slightest. These people who don't care about their privacy because they have "nothing to hide", in reality this is just what they tell themselves to cope with the fact that they are so weak they would rather give up control of their life then a silly dog tongue filter. And the worst is that the majority of these people leave the minority of people who still care about the human right of privacy in solitude.
This minority is left to fend for itself with nothing but willpower against authoritarian governments and megacooperrations for whom this resistance in the name of freedom is just a splinter in the eye. Keep on fighting!
I have a relative who is ignorant to the extreme and it is indeed frustrating how mass blindness and carelessness corrupt the society.
Yeah this made headlines (not in mainstream media of course) when it was found that the Indian government was using this against dissenters in general. This also led to social workers and journalists being arrested on dubious legal grounds without trial.
doesn't that violate the fifth amendment 6 ways from sunday
implying they care
@@Gnohio i mean they should. straight up violating the constitution would be a pretty serious accusation
correct me if i'm wrong but wouldn't the us literally have to go to martial law in order for that to happen
@@amateurprogrammer25 back in the 60s the US established HUAC to target and imprison “communist sympathizers” (ie anyone that wasn’t vocally anti commie). for nothing more than statements made most of the time. We haven’t had a right to privacy since the Patriot act passed. The constitution has always been treated as flexible despite it having very clear boundaries. I want to believe these policies had purely good intentions but governments are run by individuals and there’s no way everyone involved was thinking morally when they decided to limit our rights.
I like how in the info chart of pegasus "location" is marked with a pokeball symbol. Even these professionals only associate location data with pokemon go
Lol what "greatest threat" others governments make their version of Pegasus like they're cooking bread. An example that comes to mind is China against the oyghurs 🇨🇳
Just because there is similar problems in other countries doesn't mean the problem in your country isn't bad.
surely if a phone is infected by this, it has to send data over to whoever may be spying, so in theory couldn't you use some network analysis tools, something similar to wireshark to figure out whether some packets are sent to some unidentified source?
how often do you do that though?
and how often do you do it on your cell radio signal?
@@rawhide_kobayashi yea true, barely anyone does this in the first place, this would only really work if enough suspicion was raised somehow
@@chickerinoradio6617 and that's exactly what they won't be raising when they magically hack you with no user input :O
Generally speaking battery usage is usually the best way to notice a spyware
@@mlgepicbanana69 while yes that can be an indicator, you can absolutely design the spyware to use as little battery as possible