by holmesworcester 1796 days ago
> with out (sic) any proof that Apple had anything to do with Pegasus.

Um, bundling a messaging app that parses feature-rich messages sent from anyone in the world using a memory-unsafe language and abusing DRM laws intended for anti-piracy protection to *ensure that no one can uninstall it from their phone* doesn't count as proof that Apple had something to do with Pegasus?

Yes, Durov's assertion that the bugs NSO exploited were intentionally left there by Apple at the behest of US intelligence agencies is presented without proof, and while conceivable is very unlikely [1].

But his assertion that monopoly practices by Apple had something to do with the Pegasus hacks is perfectly accurate given that Messages is insecure, forcibly bundled, and was in fact how many journalists and human rights defenders were hacked.

Durov's point that "it doesn't matter what apps you have installed on your phone" is especially depressing and a direct result of Apple's use of DRM to prevent users from uninstalling Messages. It would be nice if people could uninstall Messages from their iPhones right now. Thanks to Apple, they can't.

[1] Not because Apple wouldn't do it if pressured (we know, for instance, that they caved to such pressure on iCloud encryption) but merely because there are likely so many vulnerabilities to find that the chances NSA, Apple, and NSO were all aware of the same vulnerabilities are very low.