They targeted him via his phone using Pegasus, a tool made and sold by the NSO, under direct authority of Israel.
A phone is such an essential part of getting things done today. If someone asked me to unlock my phone and then they took the data, I’d be so fucked. But at the same time, I can’t really go overseas without it unless I get someone to house-sit.
At the minimum, you should factory reset when crossing borders, and restore from an encrypted cloud backup. But the advice he gives is to use an entirely new phone (new number, new IMEI).
He was picked up because his phone number was on a list.
Depends on the border.
See my other comments, but in regards to authoritian regimes, that doesn’t go far enough. This isn’t buying drugs or breaking into a pipeline construction site. This directly threatening the economy and control of authoritarian nation states that have their economy almost completely reliant on oil that will imprison, torture, or kill someone in their way. Completely different game. World Cup vs your municipal league.
If you are a climate journalist or activist, just stay out of authoritarian places unless you are willing to be tortured or killed. Unless you have CIA/MI6/NSA/GCHQ level skills or whatever your country calls those things, you are in over your head.
For anyone confused like I was, he’s saying this to protestors.
I think this will be the model for future global conferences and events … host them in totalitarian countries where protesting will either be very hard or impossible.
Not that we had much democracy left in the western world … the worse the world becomes, the more extreme our governments will react.
Yup, sounds about right. Plus less tolerance
of freedom of assembly, and civil disobedience in major Western democracies will continue.
Journlists and campaigners.
I was gonna ask that. I didn’t think some random UN conference would be that bad for the attendees.
Or we could stop holding all these events in the authoritarian hellholes in the middle east. How to prove your corruption and moral bankruptcy in one simple step.
I appreciate what he is trying to do, but hiding from a state actor in 2023 is VERY hard to do. A lot harder than a clean phone. It is SO much more than that.
I highly recommend the late Keven Mitnick’s book The Art of Invisibility to anyone that could be at risk of this. If anything about the cautionary stories about the TINY mistakes that landed people in hot water.
Basically, the only way to be anonymous with a phone in am authoritarian regime is to walk to a place that sells them without being seen by cameras, pay someone cash to go buy a burner and prepaid service card for you with cash, and never use it in physical proximity to any device tied to your identity in any way and never anywhere where someone can ID you or on camera. Only use it for calls and text. For Internet stuff, only use public WiFi connecting through ToR, but even that requires some diligence. That is just scratching the surface.
TLDR: Assume an authoritarian regime is omniscient within their borders. Play by the rules unless you know what you are doing. Don’t piss them off. Don’t mildly annoy them.
If you have never worked in infosec, worked in IT operations in a TS environment, worked in intelligence, worked in security/operations of some super secure environment like a CA, or worked as a detective AND have hirable tech skills, can understand everything at DEFCON/Black Hat at a basic level, or have practically memorized everything in the aforementioned book and updated since it’s release in 2017, you don’t know how to hide and you WILL end up on the rack.
Yeah. A clean phone is plausible for somebody briefly visiting an authoritarian country for a few days though.
Here is the thing. Being wrong leads to torture, imprisonment, or death.
That is the minimum as a tourist or business that doesn’t intersect with their interests.
As an activist or journalist, when they review the visa application, that puts a target on them. They are a direct threat to the control that these governments will do anything to maintain. In the aforementioned book, Mitnick cited a case where he was in Columbia. Someone entered his hotel room while we was at dinner and swapped out the drive in his laptop with their own.
Another case showing the power of the state to find someone they don’t like. A drug kingpin in Australia was caught because even though he had several burner phones, he sometimes used more than one burner phone within too short of a time frame at the same physical location. Their police were able to use the cellular data to find him, even though he went through none of the phones were tied to his identity. This is just a criminal nuisance, not someone that threatens their economy, reputation, and control.
For sure. The odds of torture, imprisonment, or death for first-world activists during COP28 is pretty low - they’re a lot more likely to follow their history of using wiretaps.
Paywalled. :(
The Guardian doesn’t have a paywall. They do have a ‘tell us your email’ pop-over that you can dismiss without giving them your email.
Very weird. I am not able to dismiss the pop-up request for money that covers the entire page. There is no option to bypass or dismiss this pop-up on my screen. I am on Firefox with uBlock on Android, btw.
I am using Adguard, side load paid version, and haven’t had any issues. Maybe try turning desktop mode on or off? Unfortunately, I don’t use Firefox, so I don’t know how it works. Does it have a “simplified reader” view? Clear cache/cookies?
Tried with firefox + ublock origin on Android, and the pop-up has an ‘x’ on the top right, I touch to make it go away.
There is no X on mine, unfortunately.
Only thing I can suggest at this point is to copy-paste the URL into archive sites, which often strip that kind of pop-over away.
The big issue is that the one that’s best at that, https://archive.today is run by somebody who wants to get approximate location info from the DNS requests, which recent versions of Firefox block.