Is there more info about why this is technically impossible or is it just their PR way of saying "sorry, the day we do this we're screwed as a company"?
> A person familiar with NSO operations who spoke on the condition of anonymity to discuss internal company matters said Sunday that +1 phones are safe from Pegasus no matter where they are in the world. The system is programmed to block efforts to hack them, the person said.
> The person also said Pegasus can determine where a phone is geographically and block any efforts to hack a foreign-registered phone while it is inside the United States.
> But there is no way to determine the nationality of the user of a phone registered to a foreign system.
[1]: https://www.washingtonpost.com/national-security/2021/07/19/us-phone-numbers-nso/There's no reason an exception to that business logic isn't part of the system (and we have no way to verify/prove one way or the other).
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick...
My guess is that such a restriction is in place to meet contractual obligations. If you weaponize an exploit against US targets, you'll never get a US based broker to sell further exploits to you.
If you weaponize an exploit against US - especially US government - targets you jeopardize the military and intelligence alliance that keeps your country alive, not to mention the standing FBI warrants if you have the misfortune to enter the country, nor the forfeiture of your ability to use the world banking system.
One possible way to force a bit of scrutiny upon NSO group would be to crowdfund an Pegasus subscription and use it against Netanyahu.
Any serious suggestions what we can do to ensure that in the long run there will be less and not more "Hacking for hire" companies lending their tools for use against journalists and the opposition?
Shit will really hit the fan when the "ransomware as a service" discovers the "targeted surveillance as a service" business model.. Interesting times to be alive.
News articles talking about the massive aggregation of data come up every now and then, but I don't think the general public understands it well enough to be angry let alone scared. They may not have a name to a face, but guaranteed if you've been in a public place in the past few years, there's a record somewhere that you were there.
What may be more frightening is that it's untargeted
Is it just a commercial service in the first place? Or a deniability cover for Israeli spy agencies?
Remember, every pegasos hit was cleared by Israeli cabinet as a "weapon export"
This reminds me of a story I heard at a presentation when working at a bank. A politician was going through a closing process for property he was purchasing. He had an issue and found out that the banks automatically tac on PMI for his type of loan, regardless of loan to value ratios.
A year later, their state passed legislation saying PMI cannot be forced on mortgaged loans with certain ratios and must be disclosed before closing.
Funny how things work :)
https://en.wikipedia.org/wiki/Berwyn_Heights,_Maryland_mayor...
I'm afraid this story doesn't have a good ending in the long term, though - the law expired in 5 years, and wasn't renewed.
One possible way to force a bit of scrutiny upon NSO group would be to crowdfund an Pegasus subscription and use it against Netanyahu.
This is just the moroccan gov that is too incompetent to do it by themselves but have to use a third party consulting firm for the job.
And so, there will be no consequence, because all the other governments know very well that they are dirty too, so there will just be a few soft offense word and then trying to have the population forget as fast as possible...
It _is_ shocking news: the Israelis are selling munitions to the Moroccan government explicitly for use against the French state.
https://www.thelocal.se/20120525/41042/ (not quite a smoking gun, there)
Also this gives NSO the opportunity to hang themself with their own rope: have NSO specifically deny allegations from one update, then show the allegations to be true in the next update and thereby revealing the company management to be liars.
[0]https://www.npr.org/2021/07/19/1017844801/biden-administrati...
> Charles Michel, the president of the European Council, who appears to have been chosen as a person of interest by Morocco in 2019, when he was prime minister of Belgium.