I think I should share. Citizen Lab: Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations
To say the least, I am glad that I moved to GrapheneOS, yet I find this concerning for two reasons. One is the zero-click nature of the whatsapp infection vector (which I somehow removed 4 months ago to reduce my attack surface), and my understanding is that it is believed to be one of many attack vector that are yet to be identified. The other is that Canada is listed, and while I don't live in the province of Ontario I experience a lot of https failures (Vanadium is doing great at stopping that it seems), significantly less after using DNS over TLS but it still happens in an intermittent fashion.
While this is purely theoretical, this would seem to coincide more with Predator than graphite.
Here is my question: how could an average user could get to report these kind of anomalies in a constructive manner? Can the auditor app help collect data, and any point to scan my device with MVT knowing that the public database is somewhat limited?