My understanding is they may be able to but to do so risks publicizing secret exploits, which could then be fixed. So they usually save these for very high profile targets to make sure it’s worth it.

I swear to God, the government has done a good job of making people forget about the Snowden leak.

Many governments, all over the world, but especially the U.S. and China, can and are installing physical hardware backdoors into essentially every consumer grade phone and computer in the market.

There is no doubt governments hoard 0-day vulnerabilities. We saw that with the Shadow Brokers and Eternal Blue.

When a government says they can’t break into a system, what they are really saying is we don’t want to tell the court how we did this in order to establish the chain of custody for evidence also , we don’t want the vendor to fix it.

With all that said there are limits. Like being able to listen to your phone when it’s off, or turn it on remotely is just wrong

When I served on jury duty duty, we heard how the cops used some type of software to try to get the messages off two phones but there was a speacial way that they needed to turn on the phone to prevent it from booting the OS. Someone screwed that part up with one of the phones, and the messages got wiped when it turned on.

It’s probably not possible to break into them for regular law enforcement.

Give Trumps phone to the Chinese or vice versa and they will probably manage something.

The only way to be safe from your computer being wiretapped is to not use a computer.

There was a story from the podcast ‘Darknet Dairies’ where it was discovered that a journalist’s phone had tracking software uploaded to their phone in a zero click text. The target’s phone received a text in the middle of the night that uploaded the software and then deleted any history of the text being received. I think this is one of features of the Pegasus software sold by the NSO Group. And that was 5 or 6 years ago.

Probably. It is known the the FBI got a number of keys from Apple to open some phones.

Many years ago go I worked for a company as their BlackBerry admin. I also managed their other smartphones. They started an office in Russia.

The Russian government wouldn’t let you use a BlackBerry server, they only let you turn over your creds to a server managed by the phone operator.

I assumed this was because they wanted to see those emails.

They didn’t need to do this for ActiveSync or imap devices like iPhone Android or windows phones.

Everything can be broken into. IT security isn’t about making a system truly secure, it’s about patching discovered zero-day exploits and poking novel holes so no one else can but you.

Just because they are out to get you, it doesn’t mean you’re not paranoid.

They can get into most phones for sure, and even if you have GrapheneOS in a paranoid config they can get you if they put in significant effort. They will come at the data from a direction that doesn’t require compromising the phone itself if that’s too much challenge. You need to think about the total attack surface, the phone itself is just one thing. Ultimately it’s about what resources are necessary to get what they want, for most phones the resources are relatively minimal but also most people are not worth the resources to them.

You have to look at jail breaking iOS as one of the most powerful security movements in the history of computing.

Every time a new exploit would come out, jailbreakers would open source it, give out every detail. So Apple could fix it. That made the OS very secure. Like, to the point where jail breaking is in one way no longer possible.

Remember the time when you could jailbreak your phone just by downloading a PDF file? Imagine jailbreakers not open sourcing that but selling it to a shady company or government. Suddenly, every PDF file you get in an email can complete take over your phone.

You’re right - exploits exist that these companies hide from the people and from mobile manufacturers. They do so because they’ve built multi-million dollar models for using these exploits against people they want to target. But is there a universal exploit for all iOS? No. If it were, someone would be loading cydia on it and uploading a grainy video on X or whatever.

All my phone has is on it is an absolutely embarrassing amount of memes and pictures of my cat. There aren’t even any nudes on it, although maybe I should take some to traumatize any government agent who goes digging through it. Would serve them right.

It totally depends on your definitions and which government you’re talking about. Israel’s use of pegasus malware to exfiltrate sensitive information from journalists and detractors is notorious. Considering how tight big tech in the US is with fascists (and the history of the NSA), it wouldn’t be a huge leap of logic to assume that they are at least trying to get backdoors installed and are making off the books deals with tech companies to acquire information extrajudicially.