So, you know commercial spyware? No I’m not referring to ads or things like pegasus. Talking about those weird providers that market to schools, employers and shitty partners
What measures could be taken to mitigate these threats? When physical can be assumes but the attacker isn’t skilled, just using one of said tools? How would this vary between phones and laptops for example?
Thoughts?
No I’m not in danger, just get curious about this subject once in a while
Most stuff like that is usually part of an MDM suite (mobile device management) and is centrally managed. If, for example, your institution is using Active Directory to manage devices, they’ll likely seek out a service that ties directly into AD.
There’s not really a way to get out from under this control since it’s remotely managed and removing the management would also disconnect the machine from whatever remote network it’s tied to (schools, employers).
Shitty partners get advertised whole different stuff… With a partner the best decision is to start the relationship with respect for each others passwords and privacy, not snooping in each others phones, and ending the same way, not snooping on each other. If they can’t physically access it without “hacking” past your secure password/PIN, then they can’t really install stuff like that. I know people feel weird about this because they’ve been cheated on by partners, so pro-tip: find better partners.