While governments attempt to weaken encryption, their spies are still spying, Apple warns

Apple has warned yet more spyware victims in 100 countries that they may have been a victim of mercenary surveillance spyware, proving once again why every rational person should demand encryption for all their data, as there is no such thing as a safe back door.

While the UK government seems resistant to that reality, other governments appear to be doing all they can to exploit any weaknesses that do exist, so it seems likely at least some of those adversaries can’t wait for UK users to have less encrypted services. Not that the little people who actually live in the UK are being granted any insight into that. Ignorance will not protect them.

Making you safer one weakness at a time

Apple doesn’t customarily tell anyone when these warnings go out or what they say, but in this particular instance two of the warned victims stepped forward to discuss what happened to them:

Italian journalist Cyrus Pellegrino wrote about his own Apple warning shortly after receiving it, as did a right-winger who also got warned. Pellegrino’s article explains he was attacked by the Paragon exploit in late January, and thinks the warning is linked to activity then.

Pellegrino’s story should help understand what’s at stake. When he told his wife about it he did so in total quiet, putting his phone in a sealed microwave oven before discussing what happened.

“From the moment the phone is infected, the spyware operator has full access to the device, can read, see and download everything,” he said. “Phones are the black boxes of our existence … Try to imagine this package – huge – of sensitive data in the hands of malicious individuals.”

Apple’s warning told victims:

“This attack is likely targeting you specifically because of who you are or what you do.”

Since it began warning users when its systems come across signs of these forms of attack in 2021, Apple has had to warn people in over 150 countries, proving the prevalence of these democracy sapping attacks.

If Apple detects activity consistent with a mercenary spyware attack, it notifies targets in two ways:

• A Threat Notification is displayed at the top of the page after the user signs into account.apple.com.
• Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple Account.

While Apple warns that these types of attack are so costly and sophisticated most people will never be impacted by them, but that doesn’t really make thing safe. “The extreme cost, sophistication, and worldwide nature of mercenary spyware attacks makes them some of the most advanced digital threats in existence today, the company says.

Who watches the Watchmen?

It also says: “Mercenary spyware attacks are exceptionally well funded, and they evolve over time. Apple relies solely on internal threat-intelligence information and investigations to detect such attacks. Although our investigations can never achieve absolute certainty, Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack, and should be taken very seriously.”

Indeed. And meanwhile governments want to make people’s data even less safe by insisting on designer insecurities as encryption is broken. Perhaps there’s a connection in play here?

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe.