Simon: 00:00

[SILENT - 15.7s]

00:15

why the iphone is the most surveilled device on the planet

00:23

let me ask you something

00:27

you're holding a device right now that knows your face tracks your location

00:33

listens for your voice reads your messages backs up your life to a server you don't control

00:44

and somewhere along the way we decided that's fine because it's an iphone because apple said so

00:55

because the box said privacy

01:02

Welcome to the Closed Network Privacy Podcast.

01:04

I'm your host, Simon.

01:06

And today, we're going to dismantle one of the most successful lies in the history of

01:12

consumer technology.

01:21

The app does things like turn on the microphone, the camera, and read WhatsApp messages or

01:26

listen to calls or track location.

01:27

And then it sends all that data back to the attackers without the victim knowing that

01:32

any of this happened.

01:33

Specifically, this worked with iPhones.

01:35

First, it required the user to click a malicious link using their phone.

01:39

Clicking the link opens the Safari browser and the user visits the website.

01:43

Safari uses a thing called WebKit, which is like the browser's engine.

01:47

When a user clicks the link, a JavaScript program runs.

01:50

And that JavaScript program tries to exploit a bug in WebKit, which would allow it to write

01:55

data to the phone.

01:57

Through this bug in WebKit, the JavaScript program...

02:00

downloads a malicious program.

02:02

The malware uses an exploit to jailbreak the iPhone,

02:05

which allows it to run any app that's on the phone,

02:08

not just the ones downloaded through the App Store.

02:10

Once it's jailbroke,

02:11

then the last step is just for it to run the malicious app.

02:14

And at this point, the app is just a normal iPhone app,

02:17

and it can be started like any other app.

02:42

The app is just for it to run the malicious app.

03:00

got upset i had to put all the egos in check i want the money the power welcome back everybody

03:04

simon close network privacy podcast episode 54 mini pod why the iphone is the most surveilled

03:12

device on the planet had a lot of conversations going in the chat room the last week especially

03:18

since the last episode dropped regarding mobile devices since there's so much conversation

03:24

happening around age verification app gatekeeping through specific app stores both through apple

03:32

and google where things are heading down the road no one really knows for sure no one has all the

03:38

answers but oftentimes we see the messages come up when talking about different phone platforms and

03:47

if i can't use graphino us what should i use instead often the times and even myself recommended well

03:54

an iphone it's actually quite secure private debate

04:00

but possibly more private than stock Android, especially if you're using it with, if you're

04:08

an iCloud user, then definitely enabling advanced data protection if you're allowed to. Some

04:13

countries are now making that feature not available, as well as using lockdown mode.

04:22

Lockdown mode on an iPhone provides additional security benefits and

04:29

depending upon your threat model, it may be something you want to consider.

04:37

I think it really, the only person I can answer these questions is yourself. So my objective

04:46

for this episode is kind of a mini pod focused specifically just on this subject. So the iPhone,

04:54

yes, the key features in lock mode or the lockdown mode.

05:00

requires you know the the functionality of the phone still continues to work uh but it adds

05:06

uh some some layers that it basically will uh block connections automatically like wi-fi

05:13

uh 2g 3g those should be blocked uh at all times and then uh there's you know different

05:21

configurations within there for high-risk users like journalists activists government employees

05:26

human rights workers those types of things where uh it adds additional layer of of security to the

05:33

device physically so yeah i think the iphone's probably like okay and it's a you know when i

05:40

say okay i'm like relative uh in my opinion graphenois is probably the most secure and most

05:46

private not because it's just that way out of the box but because the phone doesn't require you to

05:51

log into the device during during setup you don't even have to install any google services at all

05:58

if you don't want to

06:00

sometimes that's a requirement for certain things to work like banking apps and things of that

06:03

nature. But if you absolutely just don't want any ties, then, you know, you can set that phone up

06:09

and you have a lot of granularity over what the applications that are installed, what they can

06:16

have access to sensors, microphone, location, wifi, you know, network, all that type of thing.

06:22

So this episode is going to be just really focused on iOS and then kind of a little contrast

06:29

as well to Graphene OS. So I'm just going to take a quick second just to thank some people

06:36

really, really quick. This is going to be a quick, quick episode. Michael Bates, David, TK,

06:42

Vo, Mr. Milk Mustache, Hutch, Bond, Wartime, Circus Media, a couple unknowns and anonymouses.

06:49

Thank you. Thank you for your support. If you are interested in supporting the podcast,

06:55

you're welcome to do so. You can do all of that at closednetwork.io.

07:00

We also have a Patreon.

07:01

You can also support directly through closednetwork.io directly for as little as five bucks a month.

07:09

If you feel compelled, also feel free to join for free under the free plan as I'm working on different newsletters and ways to push information out that I find interesting or that I think others might find interesting without overusing it.

07:25

But yeah, kind of trying to build some better lines and channels of communication.

07:32

All the links to join our chat rooms are at closednetwork.io.

07:37

And a quick shout out to our moderators, Mattis Max on Intelligence 7.

07:42

Thank you for all the hard work.

07:43

Much appreciated.

07:45

And with that, we're going to get into the episode.

07:59

We'll see you next time.

08:00

The iPhone is not a private phone.

08:04

It is, in many measurable ways, the preferred platform for state-sponsored surveillance on the planet.

08:11

Not because Apple is uniquely evil, but because the very thing that makes iOS secure to you,

08:21

that locked-down, controlled, walled-garden architecture is exactly what makes it irresistible to intelligence agencies and spyware vendors.

08:32

When you crack a walled-garden, you own everything inside of it.

08:37

So today we're going to talk about three things.

08:39

One, Paragon Solutions, an Israeli spyware firm that hacked fully updated iPhones.

08:46

No clicks, no links, no user error, while the victims slept.

08:52

Two, Apple's quiet acquisition of companies that read your facial micro-expressions.

09:00

your emotions in real time and as of 2026 translate silent movements of your lips and jaw into words

09:08

you haven't spoke out loud what an actually private phone looks like in 2026 and why paradoxically

09:17

it's made by google so grab your coffee this one's gonna sting

09:43

part one the spyware that needs nothing from you so picture this you're a journalist in italy

09:52

your iphone is fully updated running the latest version of ios available at the time

09:57

you haven't clicked anything suspicious

10:00

no links you haven't opened any weird attachments you haven't installed anything from outside the

10:05

app store you've done everything right and your phone is already compromised that is not a

10:12

hypothetical that is what happened to at least two european journalists in early 2025 confirmed

10:18

forensically by the citizen lab at the university of toronto the iphones were infected with spyware

10:24

called graphite built by an israeli firm called paragon solutions the attack vector was imessage

10:31

apple's own messaging system the exploit processed a malicious photo or video shared through an

10:38

icloud link automatically silently the way your phone always processes incoming media

10:44

the victim didn't touch a thing the spyware was installed game over citizen lab calls this a

10:51

zero click attack no user error no phishing no you should have known better the phone just gets owned

10:58

once

11:00

graphite is in it has access to everything your messages including signal whatsapp your call logs

11:07

your photos your contacts your location microphone your camera

11:15

every app on your device becomes a window that paragon's client can look through your phone has

11:22

been silently converted into a full spectrum surveillance device and you have no idea now

11:29

who is paragon solutions founded in 2019 co-backed by former israeli prime minister

11:36

ehad barak it's a founder a former commander of unit 8200 israel's elite signals intelligence unit

11:44

essentially the nsa's hacking division these are not amateurs who stumbled into spyware business

11:50

these are people who spent their careers cracking communications infrastructure for nation states

11:56

their product graphite is marked as a lawful

12:00

intercept tool sold exclusively to vetted democratic governments for legitimate law

12:07

enforcement. We're the ethical spyware company. We only sell to the good guys. So in December

12:13

2024, a U.S. private equity firm acquired Paragon for approximately $500 million.

12:22

The surveillance for hire industry is no longer in the shadows. It's on Wall Street.

12:27

And here's where it gets political. Italy's parliamentary intelligence oversight committee

12:33

confirmed in June, 2025, that the Italian government has used Paragon's graphite to spy

12:41

on two activists, the founders of an NGO that rescues migrants drowning in the Mediterranean

12:48

sea, not terrorists, not criminals, people pulling bodies out of the water. A democratic EU member

12:56

state using a half a billion dollar Israeli-American

12:59

country.

12:59

Thank you.

13:00

spyware to monitor humanitarians. And in the United States, the Drug Enforcement Administration

13:07

is reportedly a Paragon customer. So after briefly pausing the contract, the Trump

13:13

administration reinstated it. By August of 2025, ICE, for those that don't know ICE as the

13:21

Immigration and Customs Enforcement in the United States, had the green light to use green graphite

13:27

again. The agency's director publicly stated they would use a new surveillance capability

13:33

to track anti-ICE protesters. There's even a journalist who warned publicly that Paragon

13:41

spyware can be covertly installed on anyone's phone from a drone hovering over a protest.

13:47

This is not a hypothetical. This is operational. So why is Apple? Why Apple, right?

13:56

is the spyware industry's favorite platform.

14:00

You might be asking, doesn't this stuff target Andrew as well? Technically, yes. But practically, iOS is the preferred and confirmed platform. And the reason is architectural. iOS is a monoculture.

14:17

Every iPhone runs essentially the same software stack, the same iMessage implementation, same photo processing libraries. If you find a vulnerability in iMessage on one iPhone, it works virtually on every other iPhone in the world. So the attack surface is uniform, predictable, and enormous by market share.

14:40

So for a spyware developer, that's a dream. You develop it once, you deploy it millions of times. Android is the opposite. Different manufacturers, different software versions, different custom layers. A zero-click exploit that works on a Samsung Galaxy may not work.

15:00

on a pixel each is a separate engineering problem the fragmentation that frustrates consumers is

15:06

paradoxically a security feature but here's the deeper issue and this is the part most most people

15:14

miss apple security pitch is this basically because you can't modify ios because you can't

15:23

install software from outside the app store because the operating system is cryptographically

15:29

verified from boot to runtime your device is secure and that's true for a certain definition

15:37

of secure but the same locked bootloader that prevents you from installing a custom operating

15:43

system also prevents you from inspecting the one that you have you cannot audit ios you cannot modify

15:52

how i message works you cannot remove the attack surface you are completely dependent

15:58

on apple

15:59

you

16:00

single private company to find and patch every vulnerability before spyware vendors do.

16:06

And we've just seen sometimes Apple doesn't win that race. The walled garden that looks like

16:13

security is actually a single point of failure. When it fails, it fails completely. There is no

16:19

fallback. So we're looking at kind of Apple's face reading empire, right? Now let's see Paragon.

16:28

Let's set Paragon aside. Let's take Apple at their word that they're fighting spyware,

16:36

not enabling it. There's a separate quieter story being built through Apple's acquisitions.

16:42

And it tells a very different story about what your device is being designed to do.

16:48

So let's trace the timeline. 2013, Apple acquires PrimeSense, an Israeli company whose 3D sensing

16:57

technology maps your face.

17:00

with 30,000 infrared points, and this becomes Face ID. Three years later, 2016, Apple acquires

17:07

Emotent, a company whose entire business was detecting human emotions from facial expressions

17:15

in real time. Their pitch is discern the most subtle expression changes and translate them

17:23

into defined emotional reactions. Apple has never publicly explained why they needed real-time

17:30

emotion detection. 2017, RealFace, another Israeli startup, AI-driven facial recognition and

17:39

identification. Combined with PrimeSense, this forms a core of Face ID, as we know it today,

17:45

to unlock your phone. 2020-24, Datacob, a French computer vision startup that deployed AI tools

17:56

in Paris, transit systems to monitor people's faces for...

18:00

mask compliance during the pandemic. Apple acquired them, quoted their privacy by design

18:07

credentials. Their use case was monitoring faces in public spaces. Okay. Then in January,

18:13

2026, Apple acquires a company called QAI, approximately $2 billion for the acquisition.

18:22

Apple's second largest acquisition ever after Beats, the Beats by Dre headphones. So QAI's entire

18:30

website had one line of copy. Quote, in a world full of noise, we craft a new kind of quiet.

18:40

What does QAI actually do? Their patents reveal technology embedded in headphones or glasses

18:48

that uses facial skin micro movements for nonverbal communication. The system

18:56

analyzes the tiny movements of your jaw, your lips, your face.

19:00

muscles to understand what you're saying, even if you're whispering, even if you're saying nothing

19:06

out loud. So, you know, silent speech detection, not your location, not your messages, the words

19:18

forming in your head before you speak them. QAI CEO is Aviad Meisels, probably mispronounced that

19:28

M-E-I-S-E-L-S, the same founder who sold PrimeSense to Apple in 2013, the same man whose technology

19:37

became Face ID. He described his vision like this, and I really want you to hear this sentence,

19:44

biology can only take us so far, QAI will do the rest. What comes after biology? When it comes to

19:55

extracting your inner monologue, a machine that reads your face to finish your...

20:00

Thoughts? Apple's official spin is that this will power smarter AirPods and a better Siri.

20:07

Maybe that's all it is, but let's be clear about what has been assembled acquisition by acquisition

20:13

over more than a decade. Three-dimensional facial mapping, real-time emotion detection,

20:24

advanced facial recognition, computer vision for public surveillance, and now technology that

20:30

decodes speech from micro-movements of your face without any sound at all. So whether Apple uses

20:38

it for advertising, for government cooperation, or simply keeps it locked on device as a feature,

20:44

the capability is being built piece by piece, year by year. So the device in your pocket is being

20:51

upgraded into a biometric surveillance platform with extraordinary sophistication. So the alternative

21:00

nobody wants to hear. I know what you're thinking. Okay, so I use Android. Android is Google. Google

21:07

is surveillance capitalism. How is that better? That's the right question. And the answer is

21:13

stock Android isn't better. The Android you buy at the carrier store with the Google services

21:19

baked in is absolutely a surveillance platform. Google knows where you are, what you search,

21:25

what you buy, who you talk to. But here's the crucial distinction between Apple's marketing,

21:32

you know, that has successfully kind of obscured. And then on Android, specifically on Google's

21:38

pixel hardware, the software and the hardware are, you know, are separable, is you can unlock the

21:44

bootloader, right, install a completely different operating system, then relock the bootloader. So

21:52

now validates the new OS. The cryptographic chain of trust is still intact, but what's running

21:58

underneath isn't.

22:00

different. That's what Graphene OS does. Graphene OS on a Google Pixel is currently the most

22:07

defensible consumer smartphone platform available. That's right. It's the hardest to spy on,

22:17

and it's built by Google, running software that removes Google entirely.

22:21

So what does Graphene OS actually give us? Memory protection that wipes sensitive data

22:29

immediately after use, closing entire classes of exploits. Hardened memory allocation that prevents

22:37

a heap of corruption attacks. That's oftentimes where they're exploited. It's within the memory.

22:45

Per-connection MAC address randomization that prevents network tracking, USB connection

22:52

blocking when the screen is locked at the hardware level, not just software. So no Google services,

22:59

no telemetry.

23:00

no cloud sync unless you explicitly configure it,

23:02

no iMessage equivalent attack surface.

23:05

Critically, it's open source.

23:07

Anyone can audit the code.

23:08

Every security patch is published,

23:10

and when Citizen Lab wants to verify a claim

23:13

about Graphene OS protections, they can read the source.

23:17

When they want to verify Apple's claims about,

23:20

air quotes, private cloud compute,

23:23

they're reading marketing copy and legal agreements.

23:26

Apple's code is proprietary, closed-sourced, and transparent,

23:30

you know, are not synonyms.

23:32

So security researcher, and I'm going to mess this up,

23:37

Stanislav Kogan put it plainly.

23:40

If a spyware vendor attempts to use a standard exploit chain

23:45

against a device running Graphene OS,

23:47

they must burn an entirely different exploit,

23:51

and one that is exponentially more scarce.

23:55

So the research and development cost is dramatically higher.

23:58

And practice...

24:00

you stop being worth the budget.

24:02

Graphene OS also lets you disable the cellular modem at the hardware level.

24:07

Your phone literally cannot communicate with a cell tower.

24:10

You can air gap applications completely,

24:14

give an app network permission for one session, then revoke it.

24:17

You can run Google Play apps in an isolated sandbox,

24:21

so even if you install something that would normally phone home,

24:26

it runs in a quarantine with no access to your real identity.

24:31

Yeah, you lose iMessage, you lose FaceTime,

24:35

the App Store ecosystem without workarounds,

24:38

and that's the real-world trade-off.

24:40

This isn't for everyone, right?

24:42

If your threat model is, I'm a journalist, I'm an activist, an NGO worker,

24:48

a lawyer with sensitive clients, a defense contractor, a politician,

24:53

anyone whose phone might be worth targeting

24:56

with a half a billion dollar spyware capability.

25:00

then iPhone isn't just insufficient.

25:04

It may be a liability.

25:06

So these are the types of things

25:10

that I think are oftentimes hard to communicate

25:14

when you're talking about a normal everyday person

25:17

who isn't one of those things

25:19

about trying to pick the best device that fits their life.

25:23

And sometimes in life,

25:25

you are required to use certain apps and certain devices.

25:28

That's not what we're talking about here.

25:30

Just wanted to break down the differences

25:35

between Apple's iPhone,

25:37

the marketing around privacy,

25:39

their actual security practices versus Android,

25:44

and then Graphene OS, AOSP running on a Google Pixel.

25:50

So QAI's tagline was beautiful.

25:53

In a world full of noise,

25:55

we craft a new kind of quiet.

25:59

I want to seal it forever.

26:00

a moment to make a different point. In a world where your phone is reading your facial micro

26:05

expressions, decoding your silent speech, transmitting your dictated messages beyond

26:12

the boundaries of end-to-end encryption, and maintaining a locked-down architecture that

26:16

happens to be a preferred platform for state-sponsored spyware, quiet is not what Apple

26:25

gives you. Quiet is what they sell you the feeling of. Real quiet requires a different kind of phone.

26:34

One you can verify, one that doesn't phone home, one where the attack surface has been systematically

26:41

stripped away by people who publish their work publicly, one when a spyware vendor runs their

26:50

standard exploit chain against your device, the engineers have to go back to the drawing

26:55

board. That quiet is unglamorous.

27:00

it doesn't come in obsidian or lemongrass it doesn't have a polished unboxing experience

27:08

it doesn't run automatically when you set it up with your apple id but it's real and in 2026

27:16

the rarest thing in the smartphone market is that it that it's real so that uh is

27:27

my kind of breakdown and comparison if there's anyone that you know in your life that has

27:35

asked questions or questioned why a graphene os operating system running on a phone built by

27:43

google versus an iphone which literally uses privacy as part of its tagline for selling

27:52

their hardware and their software send them this episode because it really

28:00

is that simple. It's one of the reasons why most malware and viruses are written for Microsoft

28:07

Windows operating systems versus macOS or Linux. It's not that you can't write malware or viruses

28:16

or that they can't be deployed on Linux or macOS. It's just that the user base is so big

28:23

with Microsoft Windows that it is financially a better return for the investment to write malware

28:32

and viruses for that platform. It doesn't mean they don't exist on other platforms. It's just

28:37

it's the largest target rich audience and that's really what comes down to with Apple iPhone

28:43

and with their latest acquisitions of these different companies that I had mentioned.

28:49

It seems that Apple wants to move in more of a surveillance of your face, your facial recognition,

28:57

your expressions more often.

29:00

than not and i'm curious to know what their plans are for the future for future rollouts as

29:08

age identity on-device os age verification are are being pushed to the forefront by by regulators

29:16

and legislators that maybe this is going to be part of that which is basically checking the

29:24

user of the phone initially before they even touch the screen i don't know for sure that's

29:31

going to be the case but it would make a lot of sense if that's the direction they were going

29:35

all of their devices with the exception of of their macbooks their ipads and their iphones use

29:42

face id as an option to unlock the device once these things are are baked into the operating

29:49

systems and they're standardizing their security and privacy features across all of their all of

29:54

their devices i.e ios mac os ipad os 26 standardization

30:00

It may be that that's actually the technology that they use going forward to check and verify

30:06

or guess the age of the person based on what the camera sees, what the camera detects as

30:13

they pick it up.

30:14

So that's just a quick little mini pod I wanted to get out because it's been on my mind and

30:22

I had put this script together from my notes from previous conversations.

30:29

And I hope that you found it valuable.

30:32

So I'm going to get ready to go have dinner and I will catch you in episode 55.

30:59

I'm going to get ready to go have dinner and I will catch you in episode 55.

31:00

I'm going to show you I'm with it.

31:01

I've been really happy you to sit and watch me win again and win again and win again.

31:03

I know it's probably getting on me.