by greenish_shores
748 days ago
> If you are at threat of being targeted by NSO Group or Zerodium enabled attacks, you are already on the radar of a country's Law Enforcement/Interior Ministry/Dept of Homeland Security/Intelligence Community and any attacks on your phone are the least of your worries.

Ah, you mean social engineering attacks and more powerful attacks relying completely outside of the cyberspace (to say more bluntly, which perfectly fits the case here, "in the meatspace"), right?

In terms of broadly-understood virtualization, there's always FPGA with its possibility to spawn multiple number of completely independent softcores. These days some FPGAs with enough computing power for well-optimized security-critical part of general-purpose computing (messaging, web browsing, maybe DSP - not computation like neural models) have fully open-source bitstream synthesis tools.

BTW, thanks a ton for letting me know about the unpatched vulnerability in Alpine. I'll talk to the pmOS guys about patching it.
No. I mean actual unpatched vulnerabilities and exploits that haven't been published.
NVD is just the icing on the cake. Plenty of less scrupulous vendors like Zerodium, Crowdfense, NSO, etc. have collected troves of exploits and vulnerabilities that have never been published, because they can pay 2-3x what bug bounty programs pay.
For example, NSO's Pegasus toolkit has been operational for a decade but was only remediated in the past couple of months.
But it doesn't matter. If you've been targeted by an adversary using one of those products, you are already very high profile and security theatre around your phone's security is basically useless if you don't have a security team to back you up.
> In terms of broadly-understood virtualization, there's always FPGA with its possibility to spawn multiple number of completely independent softcores. These days some FPGAs with enough computing power for well-optimized security-critical part of general-purpose computing

That's what Secure Enclave/Trusted Execution is in a nutshell, but it's progressed way past FPGAs (that was a late 2000s/early 2010s research area before moving up to CPUs and GPUs).
------------
Just stick with a common popular smartphone from a brand that makes sure to consistently be on top of patching and supportability.
It's about as safe as a consumer computing device can be, and even nation states recognize that. Most leaders and politicians use common smartphones as well, but they are locked down with an MDM (this is BlackBerry/RIM's bread and butter now because they've deprecated phone manufacturing).