logoalt Hacker News

lewiscollardtoday at 6:32 AM1 replyview on HN

> The article mentions that an abuser could put spyware on your phone? Is that a realistic scenario?

Yes, stalkerware is an entire genre of software and it is designed for exactly this purpose.

How “stalkerware” apps are letting abusive partners spy on their victims https://www.technologyreview.com/2019/07/10/134249/stalkerwa...

The Abuser in Your Pocket: How Stalkerware Threatens Women’s Privacy https://safeescape.org/stalkerware-threatens-womens-privacy/

'I thought I'd been microchipped': How abusers spy on partners with 'parental control' apps https://news.sky.com/story/i-thought-id-been-microchipped-ho...

A web search for the term will turn up many more results. Graphene OS's hardening against exploits, compared to the abysmal record of Android vendors, gives much better odds against any of these apps being able to run with elevated privileges, which means Android's sandboxing is effective.

(Happy Graphene OS user of many years here.)


Replies

palatatoday at 7:51 AM

Happy GrapheneOS user here as well, but...

I am having a hard time believing your first link, which says:

> In Anna’s case, stalkerware was disguised as a picture message, sent to her by the man she was dating (let’s call him David), just a few weeks after they met. She was then under constant surveillance for about two years

That sounds like an NSO-level attack, right? I doubt abusers routinely pull that out?!

I totally get the problem that "the abuser knows the iCloud password and can use the FindMyPhone feature to track the victim", or "the abuser convinced the victim to install an app that would track the victim without their consent". But I am genuinely wondering how much GrapheneOS protects against that.