NSO, Not Government Clients, Operates Its Spyware (theguardian.com)
(Friday November 15, 2024 @10:30PM (BeauHD)
from the behind-the-scenes dept.)
- Reference: 0175479085
- News link: https://yro.slashdot.org/story/24/11/15/2314234/nso-not-government-clients-operates-its-spyware
- Source link: https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp
[1]jojowombl shares a report from The Guardian:
> Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker -- and not its government customers -- [2]is the party that "installs and extracts" information from mobile phones targeted by the company's hacking software. The new details were contained in sworn depositions from NSO Group employees, portions of which were published for the first time on Thursday.
>
> It comes five years after WhatsApp, the popular messaging app owned by Facebook, first announced it was [3]filing suit against NSO . The company, which was blacklisted by the Biden administration in 2021, makes what is widely considered the world's most sophisticated hacking software, which -- according to researchers -- has been used in the past in Saudi Arabia, Dubai, India, Mexico, Morocco and Rwanda. [...] At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting. [...]
>
> To make its case, WhatsApp was allowed by Judge Phyllis Hamilton to make its case, including citing depositions that have previously been redacted and out of public view. In one, an NSO employee said customers only needed to enter a phone number of the person whose information was being sought. Then, the employee said, "the rest is done automatically by the system." In other words, the process was not operated by customers. Rather NSO alone decided to access WhatsApp's servers when it designed (and continuously upgraded) Pegasus to target individuals' phones.
A spokesperson for NSO, Gil Lainer, said in a statement: "NSO stands behind its previous statements in which we repeatedly detailed that the system is operated solely by our clients and that neither NSO nor its employees have access to the intelligence gathered by the system. We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so."
[1] https://slashdot.org/~jojowombl
[2] https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp
[3] https://yro.slashdot.org/story/19/10/29/2032239/facebook-sues-israels-nso-group-over-alleged-whatsapp-hack
> Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker -- and not its government customers -- [2]is the party that "installs and extracts" information from mobile phones targeted by the company's hacking software. The new details were contained in sworn depositions from NSO Group employees, portions of which were published for the first time on Thursday.
>
> It comes five years after WhatsApp, the popular messaging app owned by Facebook, first announced it was [3]filing suit against NSO . The company, which was blacklisted by the Biden administration in 2021, makes what is widely considered the world's most sophisticated hacking software, which -- according to researchers -- has been used in the past in Saudi Arabia, Dubai, India, Mexico, Morocco and Rwanda. [...] At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting. [...]
>
> To make its case, WhatsApp was allowed by Judge Phyllis Hamilton to make its case, including citing depositions that have previously been redacted and out of public view. In one, an NSO employee said customers only needed to enter a phone number of the person whose information was being sought. Then, the employee said, "the rest is done automatically by the system." In other words, the process was not operated by customers. Rather NSO alone decided to access WhatsApp's servers when it designed (and continuously upgraded) Pegasus to target individuals' phones.
A spokesperson for NSO, Gil Lainer, said in a statement: "NSO stands behind its previous statements in which we repeatedly detailed that the system is operated solely by our clients and that neither NSO nor its employees have access to the intelligence gathered by the system. We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so."
[1] https://slashdot.org/~jojowombl
[2] https://www.theguardian.com/technology/2024/nov/14/nso-pegasus-spyware-whatsapp
[3] https://yro.slashdot.org/story/19/10/29/2032239/facebook-sues-israels-nso-group-over-alleged-whatsapp-hack
Time for Interpol to get involved? (Score:3)
by Gravis Zero ( 934156 )
I'm no lawyer but if you keep doing business with a government that violates human rights of the people the you provide information on, you are an accomplice to the crime.
Re: (Score:2)
by Valgrus Thunderaxe ( 8769977 )
Which government is this, specifically?
Re: (Score:3)
by Gravis Zero ( 934156 )
Try reading the summary because there's a list.
Re: (Score:1)
by iAmWaySmarterThanYou ( 10095012 )
Which crimes under which set of laws as enforced by whom?
Re: (Score:2)
by Gravis Zero ( 934156 )
This is for you: [1]https://en.wikipedia.org/wiki/... [wikipedia.org]
[1] https://en.wikipedia.org/wiki/Interpol
Simple test (Score:4, Interesting)
by spaceman375 ( 780812 )
Purchase the software. Give it the phone numbers of the executives, board members, and employees of NSO. See what response you get. This will tell you if NSO controls, or at least knows, who is targeted. If you actually get any real data, I'd suggest that this would be one of the rare times where doxxing is appropriate.
The question should be, who has the kill switch? (Score:2)
When asked like that, it's pretty clear NSO always retain the ability to disable the software. After all, they're always going to want to control/update who it can be used against. Not unlike being able to cut off the supply of munitions.
Re: (Score:2)
who has the kill switch?
Mossad ASIO BND DGSE DIA FSB GCHQ NSA