Apple Sues Pegasus

Apple sues Pegasus spyware maker NSO Group.

Israel-based NSO Group was in the news earlier this year after its spyware, known as Pegasus, was used by various governments to target activists, journalists and even the governments’ own officials.

Apple Inc has sued the NSO Group to prevent any more abuse and harm to its users. The iPhone maker is also seeking a permanent injunction to ban the NSO Group from using any of Apple’s products, services and devices. 

To deliver the spyware, attackers created Apple IDs to maliciously send data to victims’ devices and install the spyware. Though the vulnerability is now fixed, Apple claims that its services were misused to deliver FORCEDENTRY. Apple also claims that none of its servers were hacked or compromised.

“Apple devices are the most secure consumer hardware on the market — but private companies developing state-sponsored spyware have become even more dangerous,” said Craig Federighi, Apple’s Senior VP of Software Engineering.

Apple claims that the Pegasus attack impacted only a very small number of iPhone and Mac users, but the company takes these attacks very seriously and is continuously working on strengthening its security and privacy protections.

Child Abuse Awareness

Apple now scans your device for child abuse material.

On 6th August, Apple revealed that it is now taking a stance against child abuse on its operating systems including iOS 15, macOS Monterey, iPadOS 15, and watchOS 8.

The anti-CSAM features will first appear in three areas: Messages, iCloud, and Siri and Search.

Messages

The Messages app will now include tools that warn children and their parents before sexually explicit images are sent or received. If a child receives such a message, the child will be warned and the image blurred. The child will be assured that it is OK if they do not want to view the photo, and the parents will be informed if the child chooses to see it. This is done using on-device intelligence, making sure the user’s privacy is not violated. Similar protections apply if a child attempts to send sexually explicit photos: the child will be warned before the photo is sent, and the parents can receive a message if the child chooses to send it.

Siri and Search will now be able to guide and help children and parents stay safe online. The service will now also include more resources related to the matter. Users can now also ask Siri to help them report CSAM and they will be guided on filing a report.

Siri will also intervene when users try to perform a search related to CSAM. They will be informed that interest in the topic can be harmful and problematic, and will be given resources to help with the issue.

iCloud and CSAM detection

The most prominent step in Apple’s stance is its CSAM detection system, which will try to match your images against a list of known CSAM image hashes provided by the US National Center for Missing and Exploited Children (NCMEC) and other children’s safety organizations before an image is stored in iCloud.


“Before an image is stored in iCloud Photos, an on-device matching process is performed for that image against the known CSAM hashes. This matching process is powered by a cryptographic technology called private set intersection, which determines if there is a match without revealing the result. The device creates a cryptographic safety voucher that encodes the match result along with additional encrypted data about the image. This voucher is uploaded to iCloud Photos along with the image,” Apple said.

“Using another technology called threshold secret sharing, the system ensures the contents of the safety vouchers cannot be interpreted by Apple unless the iCloud Photos account crosses a threshold of known CSAM content. The threshold is set to provide an extremely high level of accuracy and ensures less than a one in one trillion chance per year of incorrectly flagging a given account.”

Apple cannot normally view the images manually until the image hash reaches a set threshold. When that happens, Apple will manually look at the hash, vouchers, and all the metadata. If the content is identified as CSAM, Apple will disable the account and a report will be sent to NCMEC.

Backdoor?

Apple’s approach drew criticism, with critics stating that the Cupertino giant is preparing to add a backdoor to its services. The fact that Apple can manually interpret the scanned images makes the feature controversial, given that the company once declined the FBI’s request to create a backdoor for accessing a terrorist’s iPhone.

Apple has some of the best privacy practices in the entire industry, and we believe it will not be using the technology to collect user data, but those who do not trust it can stop Apple from scanning their photos by not using iCloud Photos.

When will these features be implemented?

These new features are expected to go live with the release of Apple’s new iOS 15, iPadOS 15, macOS Monterey, and watchOS later this year, alongside Apple’s upcoming iPhone 13 and MacBook Pros.


What is Pegasus? The super spyware that’s on every news headline.

Pegasus is surveillance software developed by an Israeli tech firm, the NSO Group. It is highly sophisticated spyware developed solely for law enforcement and intelligence agencies.

Pegasus first got public attention when several journalists were notified by WhatsApp that their phones had been compromised by spyware.

The software is in the limelight again: on July 18th it was reported that documents acquired by an international media collaboration showed a list of numbers that are claimed to have been potential Pegasus targets.

What Exactly is Pegasus

Pegasus is, as mentioned, highly sophisticated spyware developed by NSO Group and available only to intelligence agencies and law enforcement.

Pegasus is described as modular malware. Its biggest USP for its users is the seamless intrusion it promises: a targeted individual won’t have any idea that their phone is compromised. When the spyware enters a device, it first scans the device and then installs various modules as required. These modules can:

  1. Listen to calls and access all contacts
  2. Access all messages and mail
  3. Log keyboard keystrokes
  4. Capture screenshot
  5. Access browser history 

Any mobile device can be hacked just by making the target click a URL link, or even just by a WhatsApp missed call. A single missed call can install the software on the target’s phone, which then deletes the call log entry to ensure that the victim remains unaware.

Costs 

According to documents collected by The New York Times, the cost of using the NSO Group’s software is quite steep. There is an installation fee of about $500,000, followed by $650,000 to spy on 10 iPhone or Android users; $500,000 for five Blackberry users; or $300,000 for five Symbian users. The users also had to pay an additional fee of $800,000 for an additional 100 targets, $500,000 for 50 extra targets or $150,000 for 20 extra targets.

An NSO spokesperson has now said, “NSO will thoroughly investigate any credible proof of misuse of its technologies, as we always had, and will shut down the system where necessary.”

Apple Privacy

What is Apple’s Private Relay and how is it different from a VPN

Apple recently announced a new Private Relay service that helps users maintain their privacy online. 

The new feature is available with the company’s iCloud+ subscription service. This new encryption-based service was one of the many privacy features announced by Apple at WWDC 2021.

What is Private Relay and how does it work

Private Relay is an encryption-based system that helps users maintain their privacy while surfing the web with the Safari web browser. All the user’s requests and outgoing data are end-to-end encrypted, which Apple claims means even Apple cannot read them.

Before it is encrypted, the data is split into two sets: one that includes your IP address (who you are) and a second that includes your DNS request (what website you are visiting). This encrypted data is then sent to an Apple proxy server and then to a third-party proxy server that is run by a partnering company. Cloudflare is currently one such known company that would host the second server.

Apple does not hold the keys to the DNS encryption and hence can only see your IP address, not the websites you are visiting. Apple’s servers then forward the DNS data to the third-party server, but with an anonymous IP address that is created on Apple’s servers and contains only your very rough approximate location.

The third-party proxy server holds the DNS encryption keys, so it decrypts the DNS requests and then resolves them, i.e. sends the request to the website you asked for using the random IP address generated by Apple, which carries the approximate location but none of your personal details.

As a result, the website you visit has no personal details about you because of the anonymous IP address, while it still has an approximate location with which to provide you location-specific content.

How is Private Relay different from a VPN

Apple’s Private Relay uses Oblivious DNS-over-HTTPS (ODoH), which Apple helped develop and push along with Cloudflare and Mozilla, in its Safari web browser. This makes the service a Safari-only privacy feature. Private Relay does not help to bypass geo-restrictions, as it does use your approximate location, i.e. your city/region is known.

The servers make no effort to hide or camouflage themselves in a regular network and hence could be restricted on school and corporate networks.

Alternatives to Apple’s Private Relay for a private internet

  • A good old VPN from a company you can trust.
  • Cloudflare WARP
  • Mozilla Private Network (Beta)