
It is a fact that antivirus software can't detect all the spyware/viruses/malware that exist. And when they get detected, new ones are created.

An example is the Pegasus spyware for iOS created by the NSO Group. There is also an Android version available. And there are many spyware for Windows computers which claim to be undetectable. And there are probably many more for different OS that are not made public.

So what can you do about a possible spyware on your device that your antivirus/antispyware doesn't detect?

Linux_user0987
  • Some people might say that most computer users don't have to worry about such a problem but that is irrelevant. – Linux_user0987 Nov 17 '19 at 01:35
  • *"...Apart from being careful in the first place? Do you think Qubes OS is an answer ..."* - how does using QubesOS not count as "being careful in the first place"? Using a more secure OS with better isolation between actions and thus having a defense in depth is exactly this - being careful in the first place. – Steffen Ullrich Nov 17 '19 at 06:45
  • As another way of 'being careful in the first place', you could boot your computer from a live OS USB each time you boot. That way, any viruses that you unwittingly contracted would be gone the next time you reboot. – mti2935 Nov 17 '19 at 11:34
  • @SteffenUllrich : I edited the question. Do you think Qubes OS, if used properly, is secure enough to protect you from such a threat? – Linux_user0987 Nov 17 '19 at 12:03
  • In all devices and situations? That's a pretty big question. – schroeder Nov 17 '19 at 12:09
  • There's a bit of a philosophical question here: how can you respond to spyware that you cannot detect? Well, first, you would need to detect it. Can you narrow your question a bit? It is very, very broad. – schroeder Nov 17 '19 at 12:10
  • @Linux_user0987: QubesOS will not make attacks impossible but it reduces the risk due to better isolation between tasks while at the same time impacting usability. This is unfortunately a common trade-off and one has to decide how much risk is still acceptable - which also depends on how valuable a successful hack for the attacker will probably be. Also note that spyware against the target's system is usually not the only way for attackers to reach their goal, so trying too much to perfect the defense against this might lead to neglecting the other risks. – Steffen Ullrich Nov 17 '19 at 12:30
  • @schroeder : I am not asking how to be safe in all devices and situations. By not specifying a device or OS, I am letting the answerer say if they think any device or OS is superior to others in terms of security (like Qubes OS). You can do most of the things that you want on many devices. – Linux_user0987 Nov 17 '19 at 12:44
  • @schroeder : I suppose one answer then is that you have to detect it like major companies and governments do. They use computer engineers who look deep into a computer's activities to find out something unusual. As for someone who does not have a lot of knowledge about computers, they could look at firewall logs to see if any unusual connections are being attempted or other system logs. Another answer is that you could prevent yourself from getting infected by being extremely cautious. – Linux_user0987 Nov 17 '19 at 12:55
  • @schroeder : So in short, it's a difficult problem. But if you yourself have the resources or talent required, then your chances of being safe are higher. Do you agree? – Linux_user0987 Nov 17 '19 at 13:02
  • @SteffenUllrich : What other risks do you mean? Are you talking about listening to internet traffic? That's not as effective as installing a spyware as it leaves out offline activity. – Linux_user0987 Nov 17 '19 at 14:52
  • @Linux_user0987: Like infecting the systems of your communication peers. Bugging your apartment with microphones and tiny cameras. There are lots of ways to track what somebody is doing and not everything needs to be cyber. The exact possibilities of course depend on the exact target and the capabilities of the adversary. But since you are assuming government as the adversary they likely have lots of capabilities. – Steffen Ullrich Nov 17 '19 at 15:31

0 Answers