- Judge James Donato intends to dismantle Google’s Android app store monopoly, following an earlier ruling declaring it illegal.
- Google argued that opening its store to competitors would be too costly and complex, but the judge dismissed this claim, emphasizing that barriers will be removed.
- Proposed remedies include banning discriminatory practices against rival app stores and setting up a committee to monitor compliance and report regularly.
For what it’s worth, both Android and iOS are vulnerable to zero click RCEs, see NSO Group and their Pegasus spyware.
One of the reasons we don’t really have zombie phones in botnet swarms is because selling the RCE on the grey market is way more lucrative than burning it to infect some devices for a botnet since phones are way more attractive targets than computers if you’re actively targeting an individual.
A fully compromised smartphone is will give access to practically all of a target’s communications: their phone calls, SMS messages, encrypted text messaging (Signal/WhatsApp/iMessages) and probably their email as well. You will also gain access to a good portion of their web browsing, and their is a very good chance you will gain access to their 2FA as well (Authenticator application or SMS) allowing you to further easily compromise any of their online accounts. Plus, you gain access to any files on their phone (which are often very good kompromat if your goal is to blackmail), their live location and the ability to spy on them covertly through the camera and the microphone.
Compare that to a laptop. You gain access to some of their web browsing, some files (often only professional in nature), and maybe access their camera and microphone some of the time, since the laptop isn’t always on and beside you.