Comment by potatoman22 9 days ago
This is a good reminder for why to not download random PDFs. One of the mechanisms of the Pegasus spyware was emulating a computer inside a PDF.
https://en.wikipedia.org/wiki/Pegasus_(spyware)#Vulnerabilit...
The Pegasus Project has shown that pretty much anyone could be targeted. It's enough to know someone in a publicly owned company or publicly say something negative about corruption or just be in the wrong place at the wrong time.
Nothing you do will guarantee that the state won't come after you.
If you’re really worried about this and you use an iPhone, then you should be using Lockdown Mode: https://support.apple.com/en-us/105120
> If Chrome gets 0day'd then a lot of us are going down
The vulnerability was in images parsing, and exploit was distributed by sending an imessage to the target. So don't open any images, and don't read imessages. They are also known to use browser exploits, so don't visit random websites.
That was sarcasm, in case it's not clear over the internet. Telling people to avoid "suspicious" pdfs/websites is common but ultimately not very useful advice.
The real takeaway is: don't become a target of a nation state intelligence agency. If you own a phone, they can take over it, and there's nothing you can do.