Me to my course attendees: As you can see iPhone/Android persistence vulnerabilities are the most expensive, so if you reboot your phone regularly you’ll probably be fine. They probably won’t waste that on you.
NSA: reboot your phone once a week.
@Patricia Really? Never heard of rebooting just at random points, not connected to updates, being important before. Could you say a bit more about why that is?
@forteller @Patricia Basically if you have a voulnerability that lets someone put exploits into memory, a reboot will clean this out, and you will have to be reinfected, retrigger the exploit for it to affect you.
A persistent exploit would be something patching some executable in in your phone to trigger this even after a reboot.
@sotolf @Patricia Right, right. Makes sense! Thanks!
And this comes literally minutes after someone had to explain to me that yes, the number of sex partners does actually matter even if you don't test positive for anything, because not all infections are symptomatic or cought in tests.
So if anyone wants to teach me anything more about infections, this is the day! Let me have it!
@forteller @Patricia TIL, so now I know that as well, it really makes sense when you actually think about it :) Haha, I wasn't expecting to learn that today, but now I know :)
@forteller Because of how iOS security works, even if you have root jailbreak super access you can't change anything about the boot process. Basically the operating system partition never changes between updates, so it can be fully signed and known not to be tampered with.
I don't know the exact boot process today, but basically everything is cryptographically validated by the "iBoot" firmware which has a limited attack surface, so it's hard to attack iBoot directly.
So if you want a reboot persistent attack, you need to either exploit the boot process, or you need to find one or more separate vulnerabilities in some userland service that starts after boot.
iBoot has been cracked in the past and can't be easily updated (if at all?) when it's on a phone, so that's why e.g. iPhone X is technically permanently jailbreakable.
I don't know if I explained that all too well, but basically iPhones are really good at protecting and validating the boot process.
@forteller
I (having not been asked)only know that my an ph just 'behaves' better fsvo if I power-cycle it every few days.
the old 'zap the p-ram' is a thing I really miss.
I also miss being able to pull the battery
@forteller @Patricia If I read the above correctly, the reasoning is:
"Even if your device gets hacked by some kind of vulnerability, it's unlikely the attacker has achieved persistence across reboots, so rebooting will kick them back out"
@forteller like others have said, to survive a reboot you need some way to come back up. That kind of mechanism is called “persistence” - these kinds of vulnerabilities have become progressively harder to find in phone OSs, so the price for a good one (with an exploit) can be in the millions of dollars range. But if they are found they could potentially be fixed by the vendor. So they are used carefully. Otherwise it’s money out the window. So unless you are a high value target they probably won’t risk using it for you. And without persistence, reboot will clear it. Of course you have all sorts of spyware you (or someone with access to your phone) might’ve installed on purpose, but that’s another matter.
@forteller tech people often forget about intimate partner abuse. But protecting against someone who is regularly in physical proximity to your devices is a whole other thing. Often requiring many layers of protection, because it might not be safe to refuse them access. Another reason why the Microsoft Recall thing is an absolute dumpster fire. And a reason to not have a windows machine if they do release it. “Opt-in” isn’t opt-in if you are not safe to refuse.
@Patricia @forteller Apple just showed off a feature to lock or hide an app an your phone, and the prevailing discourse was “hahaha it’s for porn.” These dudes (of course they were all men commentating) never even considered the domestic abuse case, where privacy on your own device isn’t a given, and it’s no joke—it’s about personal safety.
Also thinking the "hide an app" feature could be used by a stalker/abuser too, and overcomes the persistence issue. Sneak a Where Is My Device? tracker app on there, hide it, and bam.
@shafik it sucks that they don’t actually say why in the article
@Patricia
Now I know why my fairphone with /e/ OS kept rebooting randomly: it was a security feature.
They must have removed it in the last update though