• Em Adespoton@lemmy.ca
    link
    fedilink
    English
    arrow-up
    32
    ·
    1 year ago

    I had an odd moment just now of “wait… you mean that isn’t already obvious to everyone?”

    Then I realized it probably wasn’t.

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      17
      ·
      edit-2
      1 year ago

      What sets Insanet’s Sherlock apart from Pegasus is its exploitation of ad networks rather than vulnerabilities in phones. A Sherlock user creates an ad campaign that narrowly focuses on the target’s demographic and location, and places a spyware-laden ad with an ad exchange. Once the ad is served to a web page that the target views, the spyware is secretly installed on the target’s phone or computer.

      This is the part that makes this newsworthy. Insanet uses the advertising infrastructure to target a specific group or even person, and when the ad is displayed it does not require user interaction to install itself. They’ve developed a zero-click exploit, which is very concerning

      I’m not clear on whether an adblocker will actually protect you from this - some adblockers only prevent the display of the ad in your browser, but the content of the ad is still downloaded with the rest of the webpage information. You might actually need something like Pihole to block ad server addresses so that the content never gets downloaded at all, but that would make any browsing outside your home network dangerous.

      • newIdentity
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        The ad is downloaded, but it’s removed before execution

      • MasterBuilder@lemmy.one
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Any DNS based blocker will filter out anything from URLs at the source, so no data is received. I use AdAway with Magisk. Blocklists are updated regularly.

  • LostDeer@infosec.pub
    link
    fedilink
    English
    arrow-up
    27
    ·
    1 year ago

    Blocking ads is just another layer of defense in your security stack. I want to say it’s like locking your front door, but not using an ad blocker is worse than just having your front door unlocked.

    Imagine you have numerous solicitors coming up to your front door everyday and you left your front door not only wide open, but off the hinges. Who’s walking into your home with the best of intentions in that situation?

      • Yer Ma@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Filtered DNS, avoid the weighted routing of ISPs like Comcast, ability to locate in countries that have laws preventing data collection and bias routing

        • lud@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          You don’t need a VPN for filtered DNS, since it’s you know, DNS.

          The others don’t have anything to do with spyware or viruses

  • Vendetta9076
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Its almost like forcing users to download whatever you deem “good” can be a problem. Fuckin imagine that.

  • nevernevermore@kbin.social
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    the price tag $6m+ price tag to infect one device on this product alone means it’s only likely to be used in extreme circumstances. But if you’re a public figure, or have some form of notoriety, then It’s always a good practice to block any connections you didn’t personally open.