Beware the Beast of Brussels
Their clients picked on the wrong people. Eurocrats are now going to regulate, and fine, the crap out of NSO and its products. The company and its clients will suffocate in red tape.
Someone at least tried to use NSO Group's surveillance software to spy on European Commission officials last year, according to a Reuters report. European Justice Commissioner Didier Reynders and at least four commission staffers were targeted, according to the news outlet, citing two EU officials and documentation. The …
Must be some zero-click fans on here.
Or, more probably, anti-bureaucrats.
While I can empathise with libertarian fears and loathing? I'd rather have large bureaucracies with the power to shut down shithole ops like NSO, than the net become a wtfever free-for-all.
At least more than it already it is.
Probably not, as it isn't an EU company, and the Commission won't be able to stop the various member states from using Pegasus or similar anyway.
I'd be very surprised if the tech involved isn't already understood and security services are not already running their own clones without NSO being involved.
By the time the Commission has come up with a plan, Pegasus won't even be a thing any more. (Given the ability to detect it now, Pegasus may already be RIP.)
Why would regulations be bad?
GDPR, the Charter of Fundamental Rights of the European Union, the European Convention on Human Rights, the European Social Charter are examples of regulations serving the interests of citizens. They help us European citizens to be better protected and safer.
It was supposed to be a joke, but that obviously didn't come across and has instead touched some Brexit nerves.
A close relative worked for 30 years at the Commission, so I am in favor of regulations and regulators! However, while I am glad to reside in an EU member state, I am also aware of how choked up and inefficient things can become at the Commission.
Yeah. You understand that in this case, “their clients” means a nation government, right?CitizenLab did some clever geographic fingerprinting, and have a list of which countries are doing this.
Out of these, the credible list is: France, Greece, Netherlands, Poland, UK, USA
The target was the European Justice Minister from 2019 onwards. He doesn’t have military or external trade secrets. Neither the U.K. nor USA are impacted in any way by what goes on in his office.
So it’s either France, Greece, Netherlands, Poland.
If you have a look at the heat-map produced by CitizenLabs, it’s *French government* snooping on the EU.
What were you expecting?
But it sent a statement to Reuters saying that it wasn't responsible, and that targeting EU commissioners and staffers "could not have happened with NSO's tools."
Just like they can't target US citizens or Israeli nationals?
Oh wait, NSO sold a version of their software to Israeli organsiation that could target Israeli citizens and offered to US government agencies a version that could target US citizens.
Not to mention that they are just totally wrong. NSO software can't just 'magically' know that the user of a phone is a US citizen, an Israeli citizen, or a member of the EU commission. What if a US citizen visits Brazil on an extended visa, work permit or long-term tourist visa and decides, reasonably, to get a local Brzailian Telco's phone and phone number so they domn't have to pay international rates for using their US phone in Brazil for contacting locals. Of course the NSO software won't know that that Brazilian telephone number is being used by a US citizen. Likewise, if an EU commissioner decides to get a personal phone from their local telco store down the road - to keep their 'work' and personal life/personas separate - how would NSO 'know' that that number belongs to an EU commissioner and thus not allow targeting of that number?
Lieing morons, the fucking lot of them.
NSO stating that their software could not be used like that is pure cow manure.
At best, NSO could have said that all of their clients were aware that their software should not be used like that. That might have been acceptable, except that they specifically created software that hijacks mobile phones.
You don't do that when you're honest.
There is such software.
You can get virtual 'online only' phones - that is, they don't actually run on anything you'd recognise as 'a phone'.
There is nothing 'special' about the mobile phone system that requires a 'physical' mobile phone. If you have the technical know-how and/or access to the right software, you can use a deskotp computer to receive and make 'mobile' calls. All the phone network needs is an IMEI number and a SIM number.
It's just that currently this is a rather esoteric need, quite niche, therefore the alternatives aren't widely known, supported or available, and those that are, aren't designed with the average consumer in mind, therefore expect a certain level of technical (not just computers but telephone network expertise) knowledge.
Unfortunately the mobile telephony is a tightly closed ecosystem so the problem is not getting a virtual phone. It's the entity that will provide you that phone than can be compelled to offer you a "specially crafted" virtual phone image so you can be spied upon. Even if you control the end-point (good luck with that), those who control the infrastructure will dictate the rules of the game.
In the end, it's a lot of work with no notable returns in terms of privacy. You will agree with me that these days privacy is worth your weight in gold, that's way everybody and his dog is out to get it.
Known users of NSO Pegasus:
- Saudi Arabia
....and if these two are using NSO Pegasus then you can bet that EVERY OTHER FIVE-EYES COUNTRY is also using the software........
---and maybe the NSO company might have taken some money from others......Iran? China? Russia? UK? .... who knows?
So.....maybe carrying an iPhone might not be such a good idea! Cool...Yes!....Problematic...Also Yes!
Sorry.....my mistake.....should have said iPhone or Android........
Put your guess aside, and focus on what we actually know:
And out of those 45 countries, very few have interest or incentive to snoop on the European Justice Minister. His role is inward-facing only. None of the Five Eyes care what judgements he sends down, as they affect only EU countries.
Basically, it’s one of France, Greece, Netherlands, Poland. And highly likely to be France, although possibly Poland.