Smartphone Security

Smartphone Spyware

Today there is a thriving market for legal, for-profit smartphone spyware (aka mercenary spyware). Companies like the NSO Group are free to create and sell highly sophisticated, zero-click malware such as Pegasus which has been used to spy on dissidents, politicians, activists and journalists around the world. There are also several apps available to parents to track their children, but are often used to abuse or stalk adult partners or ex-lovers. Today I’ll discuss the state of these malicious apps, ways to protect our smartphones and even detect such spyware after the fact with the co-founders of iVerify, Danny Rogers and Rocky Cole.

Interview Notes

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:01:38: Interview setup
  • 0:03:08: How does iVerify work and why did you create it?
  • 0:07:10: What sort of people need protection like iVerify?
  • 0:11:07: How do you know that you can trust a security app?
  • 0:14:54: What do MDM profiles do to my phone? Is it reversible?
  • 0:20:37: How dangerous are third-party app stores, compared to Apple/Google?
  • 0:27:37: If an app I’ve installed is pulled from the app store, will I be notified?
  • 0:28:50: How hard is it today to jailbreak a phone?
  • 0:31:49: How do you tell if a phone has been hacked?
  • 0:33:21: Can you detect if an app has escaped its sandbox?
  • 0:38:09: What is the marketplace like for spyware?
  • 0:41:36: Are phones getting harder to hack?
  • 0:44:16: Is it possible to detect or prevent hacking via physical access?
  • 0:49:11: How do Apple and Google phones compare on security?
  • 0:52:08: How does Apple’s Lockdown Mode work?
  • 0:54:47: Should governments outlaw the sale of mercenary spyware?
  • 1:01:10: Should governments hoard 0-days or disclose them?
  • 1:03:31: What are your top security tips for regular users?
  • 1:05:44: What’s next for iVerify?
  • 1:07:28: Wrap-up