Smartphones are just tiny burst mode computers that betray your privacy every day.
A very cool exploit...very impressive!
Virtualization is a powerful drug...
When will someone stop all this stuff? Someday perhaps a true hero will emerge and vanquish the tech lords. None of it does a bit of good.
“Describing the exploit as “pretty terrifying,” Google said the NSO Group hackers effectively booby-trapped a PDF file, masquerading as a GIF image, with an encoded virtual CPU to start and run the exploit.
“JBIG2 doesn’t have scripting capabilities, but when combined with a vulnerability, it does have the ability to emulate circuits of arbitrary logic gates operating on arbitrary memory. So why not just use that to build your own computer architecture and script that!? That’s exactly what this exploit does,” the researchers explained.
“Using over 70,000 segment commands defining logical bit operations, [NSO’s hackers] define a small computer architecture with features such as registers and a full 64-bit adder and comparator which they use to search memory and perform arithmetic operations. It’s not as fast as Javascript, but it’s fundamentally computationally equivalent.”
“The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It’s pretty incredible, and at the same time, pretty terrifying,” the Google researchers added.”
Holy crap!!! THAT took some brainpower. And lots of $$$.
they recognized their own work...
If we could just do this with GIFs of Obama, Biden, Harris, Pelosi, George Floyd........
But wait, he lives in Zürich, Switzerland, so I guess I'll give him a pass. But then, why is his first name Samuel?
Following the documented Pegasus attacks, Apple filed a lawsuit seeking to hold NSO Group accountable for the ongoing surveillance hacks that target iOS-powered devices.
The U.S. government has since added NSO Group to its “entity list,” a move that blocks American companies from doing business with the Israeli spyware vendor.
Please note that the US government has exempted itself from such rules, where matters of "national security" arise.
I bet that the Jan 6 committee has already bought the exploit for use against US citizens enemies of the State.
The government has access to those capabilities.
That’s why you have to open these rando files in an editor and look at the actual hex chars in there. PDF files can contain executable JavaScript, or you could put a picture in there - jpg or such - and have that exploit the interpreter that decodes and displays the image. Lots of ways to make things break.
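The manual hex-editor check the comment above describes, automated: sniff the real format from the leading bytes, compare it with what the file name claims, and flag a PDF that carries a JBIG2Decode image stream or JavaScript. This is an added example, not code from the article, the commenter, or Google; the signature table and the sample file are constructed here.

```python
"""Compare a file's claimed type (extension) with its real type (magic bytes)
and note PDF features worth knowing about before the file is opened."""
import re
from typing import Optional

# Leading-byte signatures for a few common formats (constructed table).
MAGIC = {
    b"%PDF-": "pdf",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpg",
}
EXT_ALIASES = {"jpeg": "jpg"}


def sniff_type(data: bytes) -> Optional[str]:
    """Return the format implied by the leading bytes, or None if unknown."""
    for sig, kind in MAGIC.items():
        if data.startswith(sig):
            return kind
    return None


def pdf_findings(data: bytes) -> list:
    """Flag PDF features a reviewer would want to see: the JBIG2Decode
    filter (the decoder abused by the exploit discussed above) and JavaScript."""
    findings = []
    if b"/JBIG2Decode" in data:
        findings.append("uses the JBIG2Decode image filter")
    if re.search(rb"/(JavaScript|JS)\b", data):
        findings.append("contains JavaScript")
    return findings


def inspect(filename: str, data: bytes) -> dict:
    """Report claimed vs. actual type, whether they disagree, and PDF findings."""
    claimed = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    claimed = EXT_ALIASES.get(claimed, claimed)
    actual = sniff_type(data)
    report = {"claimed": claimed, "actual": actual,
              "mismatch": actual is not None and actual != claimed,
              "findings": pdf_findings(data) if actual == "pdf" else []}
    return report


# Constructed sample: a minimal PDF skeleton with a JBIG2 image, named as a GIF.
SAMPLE_NAME = "photo.gif"
SAMPLE_DATA = (b"%PDF-1.7\n1 0 obj\n<< /Type /XObject /Subtype /Image "
               b"/Filter /JBIG2Decode >>\nstream\n...\nendstream\nendobj\n")

if __name__ == "__main__":
    print(inspect(SAMPLE_NAME, SAMPLE_DATA))
```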