Leopards ate my face moment?
They're not developing these tools to NOT use them...
1. Most of us in this segment of the industry recognize the risks
2. He is absolutely not the first person targeted by this
3. This article sounds like it's part of a wrongful termination suit by Gibson based on the context provided
> 'I never thought leopards would eat MY face,' sobs woman who voted for the Leopards Eating People's Faces Party.
It is really about a perceptual flaw in pre-fascist democratic behavior: people believing themselves to be a part of the protected class because they voted for it.
It seems to apply here because someone profiting from the creation of tools used on others by people with money/power has them used on him by the government.
tldr; it is a subset of you reap what you sow, with more specificity and punch
Why does he think that will help against a state-backed adversary?
> Why does he think that will help against a state-backed adversary?
What are his alternatives?
I don't really see any alternatives. Do you?
There's a whole continuum.
Other than 2FA, text messaging is easy to get rid of.
You still use it to make calls, so yeah, they can track you that way. You can keep the phone off most of the time, though. People close to me know that they're more likely to reach me by calling my home phone.
What else does one really need a phone for?
Navigation? Do what I did: Get another phone that never has a SIM card and use an offline app.
Camera? The same. But really, life is very doable without a camera to begin with!
The only reason I need a phone is 2FA.
If he's running iOS he can also enabled Lockdown Mode on the new phone to block most types of attacks.
And later,
> Without a full forensic analysis of Gibson’s phone ... it’s impossible to know why he was targeted or who targeted him.
> But Gibson told TechCrunch that he believes the threat notification he received from Apple is connected to the circumstances of his departure from Trenchant ...
I find it funny that (1) this guy never thought this would happen to him (2) this guy has the balls to talk to media about this but fears retaliation
I mean, seriously, those who want to know your real name already know it.
Another reason not to work at places like this.
- Exploit developer makes and plays with exploits on their phone
- Apple notices this, warns them that there is spyware on their phone
- Exploit developer somehow thinks it is governments hacking into their phone
Interesting kind of payback. What does he think happens to the people whom the exploits he develops target?
I’m kidding of course
If these companies have no qualms using their exploits against their own employees they'll have absolutely no problem using them against members of Congress, the Courts, investment banks, tech leaders, and anyone with any sort of power. This gives them the ability to blackmail some of the most powerful people in the world.
edit: And that's not even mentioning their reported "intended use" against dissidents and journalists.
We live in a world full of threat-actors. We need exploits just like we need firearms and tanks and fighters and jets.
To mock the guy is just naive.
If you develop weapons, physical or digital, don’t be surprised if you end up on the receiving end.
> But the ex-Trenchant employee may not be the only exploit developer targeted with spyware .. there have been other spyware and exploit developers in the last few months
In this case there is an article [0], but there’s no screenshot of the message as seen on iOS. But it does mention that the notification comes in via iMessage, so it probably looks like any other text.
> Two days after receiving the Apple threat notification, Gibson contacted a forensic expert with extensive experience investigating spyware attacks.
Surely as a professional "exploit developer", Gibson himself should have been about as expert at this particular niche as any human being on the planet already.
I mean, sure, absolutely he should have called in his friends in the community and gotten more eyes on the device. But the way that's written it sounds like he took it into the local Genius Bar.
It also, in context, feels a little obfuscatory. Like he's trying to flag the involvement of senior folks who he can't name.
scheeseman486•2h ago