We know about Pegasus/NSO and its a fun subject to follow, but in all honesty, every engineer privy to the 0-day bank that powers it could build one of their own, or sell it to another group, and no one would know
This isn’t a business model you bootstrap by publishing to an appstore and paying influencer to promote - this isn’t “Raid of Warduty Call of Legends”. You need high level government contacts that can open doors as these deals don’t usually come up on public tenders, and you need people that can manage a relationship with both your host government and client governments especially if either or both are unstable and falling out of favor with a specific regime would result in high legal risk or even actual risk to the safety of you or your employees.
A couple of engineers taking a bag of goodies are more likely than not to end up in prison like the former NSA folks that took up freelancing for Saudi Arabia.
Or is that what Pegasus/NSO basically already provide, as a feature?
considering shell are mainly used for deeply corrupt ends, this isn't a far stretch. similarly, things that seem like duopolies today might well be revealed to be monopolies in reality if actual ownership records became public. i imagine the false public perception of a market that has fair competition is very valuable as it maintains the illusion of choice. similarly, regarding spying by USA; i imagine Crypto AG was/isn't the only CIA front.
aka Blackmail
I think there may actually have been a warrant for some part of the access, idk.
I'm not saying it doesn't happen but it would be quite a scandal to find that the government was performing warrantless exploitation of citizen's personal devices. Maybe someone can correct me here and show that this has been the case.
Then, there’s also a group of countries that simply cannot afford / don’t have the people to do these things.
How do I know? Consider the usual suspects for these operations: the US, Israel, Russia, and China. For every single one of them, we also have examples of their work that got leaked or otherwise exposed.
What are the chances that Belgium happens to be the country that manages to run such a program and keep it secret? Or Equatorial Guinea?
Then, there’s also the growing list of known customers of NSO: if two dozens of them decided to buy this software, chances are they do not have homegrown solutions with similar capabilities. Nor does it seem as if there were any other sellers at NSO’s scale. Meaning: if we successively learn about all of NSO’s business, we might be getting close to knowing everything there is to know about the sector, with the exception of the large countries mentioned above.
Implied is the statement that the end justifies the means. But how do you weigh the proportionality of measures taken? Do you adopt a utilitarian point of view, looking at, say, deaths prevented? Is anything game, or should agencies be expected to uphold a code of conduct, bill of rights or exclude entire categories of information? How do you assess what is or isn't a threat to a country and thereby something it needs to be protected from? What is a country - the president, the party, the government, its citizenry, businesses?
Second, with the popularity of invoking "national security" as an authority argument, how can these agencies ever be accountable? Who watches the watchmen? Are we to trust agencies reporting on the number of e.g. terrorist incidents prevented, especially if the information sources are opaque and there's an obvious conflict of interest?
Third, given the existence of programs like MK Ultra and Cointelpro, is it really safe to say agencies won't try to overreach? With examples like the Stargate program ("Men Who Stare At Goats"), should we have faith they know what they're doing?
No, everybody does most definitely not do this! That is just not true.
Vault7 was the first leak de facto proving these things existed, why the f#ck are we still surprised now, almost 5 years later, that these things are being used and there is a market here opened for politicians,private individuals, governments, etc.?
Awareness is good, but who(or better said: what institutions, what parties, etc) are you seeing advocating for more privacy, security, transparency in software and hardware, etc?
I will go one step further here beyond the simple "more privacy, security,etc." rhetoric, which i'm sure every HN user has heard to the point of ears bleeding, and I hate to say this but one cannot fully understand something until either s/he makes it, he hacks it(for the purpose of at least understanding) or becomes subject to the tool's effects.Far too many times people use something without even reading the TOS, let alone understanding the mechanisms behind the technology.At this point i have little sympathy for people who do not take the time and putting in the work of understanding a technology >for their own benefit<.
Because nobody who is at least semi-literate in this field was born with the knowledge, and while arguably it's our duty to point less knowledgeable people to inform themselves, we cannot tire ourselves to death by promoting (or allowing others who promote) this "usable-first, hussle-free, happy jolly" tech ecosystem and then also act surprised when the masses don't have a f*cking clue what's going on, because effectively we trained humans to become dumb monkeys with a smartphone, arguably worse.
Some of the companies in the field, in contrast to NSO, do have ethics committees to filter out obviously bad clients. Once when guidelines were described to engineers a question was asked: Would Israel itself pass the ethics committee check?
The answer was "No. But..."
I won't name the company and use temp account deliberately for this comment.
Syria is its own nation and it isn't America's business what it does to its own citizens.
Shame on the engineers who developed it.
Things are different now. Espionage is now automatic and large scale, there's no longer any practical limit on the number of people they can spy on. This is alluring to all kinds of people, from the well-intentioned to the malicious. To them, total surveillance is simply an efficient way to accomplish some goal such as catching some heinous criminal or figuring out what your political opposition is planning. They generally couldn't care less that global surveillance destroys freedom and enables apalling abuses of power at unprecedented scales.
The truth is they would very much enjoy the ability to manage "their" citizens the same way we manage running processes in our computers: total visibility at all times into everything they're doing and the ability to kill them if they become problematic. Traditional police investigations are too hard and time consuming, they want the ability to push a button to reveal the entire life of a suspect.
The East German Stasi came pretty close.
Whether this should surprise you I guess depends on your worldview; whether it should alarm or disturb you, especially if you are an Israeli or in Israel, I guess depends on your view of individual rights and the police.
In the US, we already have police using Stingray interceptors without warrants (and in a similar vein but less problematic, sweeping dragnet warrants issued to cell providers), which are slightly less invasive, but relatively comparable in terms of abuse potential.
https://www.aclu.org/issues/privacy-technology/surveillance-...
Like yeah, you jerks all said it was "smolani masriach boged" (stinking traitor lefty) to not vote for transparently sleazy political parties and their STRONG LEADER. Well, I stuck with my stinking lefty treason and now your guy is facing jail time and my party are in charge of the Health Ministry tackling vaccine distribution. So there.
I mean - do you recall, as a part of the Snowden leaks, there was a small amount of information that came out that there was some channel/mechanism by which israel was effectively given a firehose of data from the collective five-eyes...
I don't quite recall the details, but it was a revelation because via that firehose they were getting more data than was thought to be 'allowed'/previously known...
I maintain that we in Israel are still a very normal, western type society, if you take all these rather extreme circumstances into consideration (and, in addition, we are getting quite a lot of tech done ;-) )
That, in a way, is also quite telling.
I’m not sure if the definition of democracy is flexible enough to include non-democracies as long as they bring a note to class giving a good reason. If Israel’s situation does really require essentially doing away with democratic norms, it’s somewhat delusional to still afford it that label, as a sort of temporarily-but-forever-slightly-embarrassed-democracy that protects its citizens’ rights as long as it’s convenient to do so.
But I doubt that state is actually necessary. There has just been too much Austrian-style corruption in the last decade not to suspect some of that to be also in play here.
Let’s wait and see how many politicians of the opposition were targeted in these programs. Because that would be the immediate end to any claims of justification.
Edit: and just to be sure: nobody doubts that Israel is far better than the usual comparisons, i. e. its neighbors and China. It’s just because Israel is considered to be among “the good ones” that it gets criticized more readily. Both because the distance b/w expectations and reality is larger than elsewhere, and because criticism among peers is usually more effective than it is among strangers.
I think what does away with that illusion quickly is the fact that Israel has no civil marriage. In Israel, a Jew cannot marry a Muslim, or a Christian. In the US you can find me someone who is more right-wing than Genghis Khan and yet they probably would still find that surprising. Israel is cosmopolitan, in the way the UAE is, but it is not a secular Western state. It doesn't need to be because not being 'Western' doesn't imply being bad at all.
Wow that's an insane opinion.
You're operating a city size ghetto and illegally annexing a part of another country.
I guess in Israel that's normal!
That's not to say everything is perfect, no country is. But in perspective of everyone's actions in the region I support Israel overall.
I don't want to get into a political flamewar, just wanted to offer my support. I disagree with the premise of many opinions here about Israel.
Note that I'm not talking about people that are talking objectively about this specific event, I'm talking about the comments calling Israel an apartheid state, marriage, etc.
And all the other didn't make it.
"depends on the media". FTFY.
The cloak and dagger people are a drop in the bucket.
Military -- Government -- Corporate/tech -- Religions <-- All encapsulated under the intel umbrella.
All seem to be seamlessly aligned within Israel..
--
I mean this is basically what all governments strive for, just that Israel has turned it into an art+science.
The amount of amazing technical innovation that comes from israel is quite stunning.
I would argue that as long as Israel is lobbying the US to make it illegal for Americans to boycott Israel it is in fact our business
https://en.m.wikipedia.org/wiki/Anti-BDS_laws
> The spread of anti-BDS laws in U.S. states is largely due to the lobbying of the Israel Allies Foundation (IAF), an umbrella group of Israel lobbies headquartered in Jerusalem that has received funding from the Israeli government
From the same page:
> ... A dozen local and national parliaments have passed symbolic resolutions condemning BDS. Most of these condemnations have alleged that BDS is anti-Semitic.
Austria, Canada, France, Germany, Spain...
Unfortunately Israel is effectively politically sanction-proof - even for much more abhorrent policies and actions.
Citizens can, but it may require action beyond that as voters, and more especially beyond that as voters in general elections.
