#PuertoRico #FBI: If the information on Wanda Vázquez that the Prosecution has was obtained with the notorious #PegasusSoftware, it may be inadmissible in a court of law, because this method, used by the FBI on a pilot basis, is #ILLEGAL! INVESTIGATE THE INVESTIGATORS!
If the information that the Prosecution has was obtained with the notorious #PegasusSoftware, it may be inadmissible in a court of law, because this method, used by the FBI on a pilot basis, is #ILLEGAL!
INVESTIGATE THE INVESTIGATORS!
https://t.co/wXBzQZWEcZ
My Opinion: I support this call:
Let the truth come out, even if FBI-#FBI does not like it. Furthermore, the "gag orders" or non-disclosure requirements may be simply unconstitutional.
Wanda Vázquez asks to be excluded ... - via @primerahora primerahora.com/noticias/polic…
https://t.co/K9zs3NKzQJ
twitter.com/mikenov/status…
If the information that the Prosecution has was obtained with the notorious #PegasusSoftware, it may be inadmissible in a court of law, because this method, used by the FBI, is #ILLEGAL!
INVESTIGATE THE INVESTIGATORS!
#PuertoRico #MyOpinion: If the information that the Prosecution has was obtained with the notorious #PegasusSoftware, it may be inadmissible in a court of law, because this method is #ILLEGAL!
INVESTIGATE THE INVESTIGATORS! thenewsandtimes.blogspot.com/2022/09/1045-a…
#PegasusSpyware #PegasusTechnology
Phones of Politicians, Journalists ‘Hacked Using Pegasus’; Govt Denies Claim, Says ‘No Concrete Truth’ news18.com/news/india/pho…
Whistleblowers accuse FBI of breaking security regulations, endangering classified documents - Washington Times ino.to/P1w49rQ
Were Wanda Vázquez & Ricardo Rosselló before her
ILLEGALLY HACKED BY THE FBI (or their proxies) IN A SIMILAR WAY? INVESTIGATE!
Spain's Pedro Sánchez was hacked with Pegasus spyware 4i-mag.com/spanish-pm-ped…
Were Wanda Vázquez and Ricardo Rosselló
#ILLEGALLY #HACKED BY THE FBI IN A SIMILAR WAY?
INVESTIGATE IT!
Politicians hacked with Pegasus spyware - Google Search google.com/search?q=Polit… nytimes.com/2022/05/02/wor…
#PegasusSpyware #PegasusTechnology
"In the U.S. officials have confirmed that the FBI acquired Pegasus technology, though only for testing."
politico.com/news/2022/05/3…
Michael Novakhov's favorite articles on Inoreader inoreader.com/stream/user/10…
Was Puerto Rico - #PuertoRico an especially suitable ground for this "TESTING", for various reasons?
https://t.co/MkHCqkwOgl
#PegasusSpyware #PegasusTechnology
Rubio said: “I tell everybody... anything you do on a mobile device or that is connected to the internet is vulnerable."
#PegasusSpyware #PegasusTechnology
"Pegasus is also virtually invisible: It can be installed with #ZeroClicks, including through a #text #message just being sent ..."
How #Democracies #Spy on Their #Citizens | The New Yorker newyorker.com/magazine/2022/…
The former governor of Puerto Rico, Wanda Vázquez Garced, asked the federal court yesterday to be excluded from the gag order imposed in the criminal case she faces in that forum.
In the motion filed, her attorneys, Ignacio Fernández and Luis Plaza, suggested that the gag order harms the former governor because she cannot publicly defend herself against information appearing in the media.
With this action, the former governor wants to be able to make public statements and thus give her version of allegations that have surfaced about the case.
As an example, the attorneys pointed to news reports about a motion filed by the prosecution that reported on 24 recordings generated by the FBI during the investigation of the case against the former governor.
“A photo of the governor (Vázquez Garced) always appears right below the headlines. A common-sense interpretation of this headline leads the uninformed reader to believe that the governor was present in all, or in some, of the 24 recordings and that she must be guilty of the charges,” the motion reads.
The gag order issued by Judge Raúl Arias Marxuach prohibits the parties in the case from sharing with the press or through social media “any information” that is subject to any restriction.
The Federal Bureau of Investigation (FBI) arrested Vázquez Garced this past August 4 at her residence in Montehiedra.
The former governor faces several charges of defrauding the government, bribery involving federal funds and wire fraud. The judge set her bail at $50,000.
If found guilty of defrauding the government, she could face a fine of $250,000 and three years of supervised release. Meanwhile, for bribery involving federal funds she could face up to 10 years in prison and three years of supervised release, as well as a $250,000 fine. For wire fraud, she could also receive a fine of $250,000 and three years of supervised release.
Vázquez Garced, who arrived at La Fortaleza in August 2019 after the resignation of former governor Ricardo Rosselló that same year, was arrested early this morning at her residence by agents of the Federal Bureau of Investigation (FBI).
The reins of the country fell to the former governor that year because, when the posts of governor and secretary of state are left vacant, the secretary of justice must assume the office of chief executive, according to the line of succession established in the Constitution of Puerto Rico. At that time, Vázquez Garced was serving as secretary of justice, a post she began in January 2017.
The woman now charged at the federal level was also Women's Advocate (Procuradora de las Mujeres) from 2010 to 2016, appointed by former governor Luis Fortuño.
Before those posts, she worked for some 20 years as a prosecutor and litigated cases of media prominence such as the Pájaros Massacre and that of a murdered pregnant woman whose main suspect was her partner, a member of the Police. Without leaving litigation, she directed the Specialized Unit on Domestic Violence, Sexual Crimes and Child Abuse in the Bayamón Judicial Region, where she later served as district attorney.
Her career in public service began in the 1980s, when she worked at the Department of Housing.
NSO Group’s Pegasus spyware can turn any infected smartphone into a remote microphone and camera, spying on its own owner while also offering the hacker – usually in the form of a state intelligence or law enforcement agency – full access to files, messages and, of course, the user’s location.
Pegasus is one of a number of proprietary tools sold as part of the hacker-for-hire industry – and one found at the very high end of that dark market. Other companies offer less expensive services – for example, only providing geolocation services for their clients.
So how can you protect yourself? And how can you check to see if your phone has been targeted in the past or is infected now?
Haaretz offers a simple, nontechnical explanation on how to check and stay safe...
The weakest link
Most cellphone spyware operates in a similar fashion: a malicious message is sent to a phone. The message usually contains a link that will either download the malware onto your device directly, or refer it to a website that will prompt a download – all unbeknown to the phone’s owner.
There are other ways to get your phone to download something that don't involve a message. However, from the moment of infection, most spyware tools follow a similar protocol: once installed, the spyware contacts what is called a “command-and-control” server, which provides it with instructions remotely.
“Let’s say the Israel Police are the ones who installed Pegasus on your smartphone and they want to know where you – or, more precisely, your phone – has been in the previous 24 hours. To get that information, instructions to obtain that data are sent to a C&C server connected to the phone,” explains Dr. Gil David, a researcher and cybersecurity consultant.
The best way to stay safe, any cybersecurity expert will tell you, is to never – ever! – open any link sent to you, unless it's a link you are expecting from someone you know and trust.
The reason is that, once infected, “the C&C server communicates between the hacker and the spyware installed on your phone. Without it, the hacker has no way of relaying instructions to Pegasus, and Pegasus has no way to get information from the victim’s phone back to the hacker,” David writes in Haaretz Hebrew.
Many times, the links sent to you will appear innocent. It may look like a message from the Post Office or Amazon. But don’t be fooled: Through some simple social engineering and a process called “DNS spoofing,” even an official-looking URL may be a trap.
Double zero
Sadly, staying safe is not always possible.
What makes Pegasus so expensive is its ability to not just potentially infect any smartphone selected for targeting remotely, but to do so with a “zero click” infection. This means your phone can be infected without you even having to click on a link – for example, with the code instructing your phone to reach out to the server secretly encoded into a WhatsApp message or even in a file like a photo texted to you via iMessage.
These “zero click” attacks make use of what is called “zero-day” exploits: unknown loopholes in your phone’s defenses that allow these hidden bits of code to kick into action without the victim doing anything.
So, another good practice is to make sure your phone’s operating system is as updated as possible: As new exploits are discovered, they are quickly “patched” by the likes of Apple and Google.
According to digital forensics experts Amnesty International and Citizen Lab, Pegasus’ zero click infections have only been found on iPhones. “Most recently, a successful ‘zero-click’ attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021,” Amnesty notes in its instructive report “How to Catch NSO Group’s Pegasus.”
It seems Pegasus’ ability to infect iPhones was based on a previously unknown loophole in the iMessage service, and this too has subsequently been patched. However, other Israeli firms, for instance QuaDream, reportedly have such abilities as well.
“From 2019, an increasing amount of vulnerabilities in iOS, especially iMessage and FaceTime, started getting patched thanks to their discoveries by vulnerability researchers, or to cybersecurity vendors reporting exploits discovered in-the-wild,” Amnesty writes – so make sure your phone is updated.
Indicators of compromise
Groups like Amnesty and Citizen Lab find NSO’s spyware on phones using two different methods. Both involve searching for what is termed “indicators of compromise,” or IOCs.
Amnesty maintains a database of nefarious domains used by NSO’s clients. The list is constantly updated as more bogus URLs are found. Citizen Lab, meanwhile, also maintains a database of so-called vectors: messages sent to victims containing nefarious code or URLs. The two groups each maintain updated lists of Pegasus-related processes that together permit attribution.
The only thing that has changed with Pegasus over the years is the way your phone is referred to the server, and the way the so-called payload is delivered.
“While SMS messages carrying malicious links were the tactic of choice for NSO Group’s customers between 2016 and 2018, in more recent years they appear to have become increasingly rare,” Amnesty wrote in its July 2021 report.
The newer trend, discovered in the case of Moroccan journalist Omar Radi, who was infected with Pegasus in 2020, is what is known as “packet injection.” This means that the download order is delivered not through a message but instead through your network, in the form of a hidden command “injected” into the phone through what Amnesty describes as “tactical devices, such as rogue cell towers, or through dedicated equipment placed at the mobile operator.”
“The discovery of network injection attacks in Morocco signaled that the attackers’ tactics were indeed changing. Network injection is an effective and cost-efficient attack vector for domestic use especially in countries with leverage over mobile operators,” it explained.
As NSO’s clients are state agencies, they can easily make use of the mobile infrastructure to infect phones.
Therefore, and though such injection infections can also be forced upon you, other good practices include never using free Wi-Fi; never connecting to wireless networks you do not absolutely know are secure – as these networks can easily be hacked so they infect your phone and refer it to the snooping server. Not using so-called VPNs is also advisable for the same reason.
Get checked, get vaccinated
Chances are you have not been infected with Pegasus. However, if you have cause for concern and are scared you are or were infected, there are a few options:
Amnesty offers a useful, free and open source tool called the Mobile Verification Toolkit that can check a backup of your device or its logs for any IOC. The MVT will scan your iPhone’s logs for Pegasus-related processes or search your Android's messages for nefarious links.
The tool can be downloaded here. The bad news is that it requires some technical know-how and is currently devoid of a simple-to-use interface.
To get it to work, you first need to make a specific type of backup of your phone, and then you need to download the program and run the code on your computer so it can scan the file you created.
Running the program requires you to download Python. Luckily, the tool comes with very clear instructions, and even those unskilled in code can make use of it with a bit of effort. Furthermore, it also allows you to conduct the test yourself.
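The IOC matching described in the two sections above (message links checked against a domain list, log entries checked against a process list) can be illustrated with a short script. This is an added example, not code from the Mobile Verification Toolkit or from the article; the STIX-style bundle layout is an assumption, and every domain, process name and record in it is a constructed placeholder.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed indicator bundle (STIX-style layout assumed for this example).
# Every domain and process name below is a placeholder, not a real indicator.
SAMPLE_BUNDLE = json.dumps({"type": "bundle", "objects": [
    {"type": "indicator", "pattern": "[domain-name:value='parcel-update.example']"},
    {"type": "indicator", "pattern": "[domain-name:value='Tracker-CDN.example.']"},
    {"type": "indicator", "pattern": "[process:name='fakesvcd']"},
    {"type": "malware", "name": "placeholder-family"},
]})

# Constructed SMS export: one plain hit, one clean message, one subdomain hit
# with mixed case and a port, and two lookalike hosts that must not match.
SAMPLE_SMS = [
    {"when": "2021-07-01T08:15:00Z", "sender": "+15550100",
     "text": "Your parcel is waiting: https://parcel-update.example/t/9f3a."},
    {"when": "2021-07-02T12:00:00Z", "sender": "+15550101",
     "text": "Lunch? Menu at https://cafe.example/menu"},
    {"when": "2021-07-03T21:40:00Z", "sender": "+15550102",
     "text": "Look: HTTPS://img.Tracker-CDN.example:8443/p.png"},
    {"when": "2021-07-04T09:05:00Z", "sender": "+15550103",
     "text": "http://nottracker-cdn.example/ http://tracker-cdn.example.other.test/"},
]

# Constructed process records, as might be pulled from a device log.
SAMPLE_PROCESSES = [{"first_seen": "2021-07-03T21:41:10Z", "process": "fakesvcd"},
                    {"first_seen": "2021-07-03T21:00:00Z", "process": "examplemaild"}]

PATTERN_RE = re.compile(r"^\[(domain-name:value|process:name)\s*=\s*'([^']+)'\]$")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def load_iocs(bundle_json):
    """Return (domains, processes) from single-comparison indicator patterns."""
    domains, processes = set(), set()
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") != "indicator":
            continue
        match = PATTERN_RE.match(obj.get("pattern", "").strip())
        if not match:
            continue  # compound patterns are outside this example's scope
        kind, value = match.groups()
        if kind == "domain-name:value":
            domains.add(value.lower().rstrip("."))  # normalise case and root dot
        else:
            processes.add(value)
    return domains, processes


def matching_domain(host, ioc_domains):
    """Return the IOC domain that host equals or is a subdomain of, else None."""
    # Compare label by label: a substring or endswith() test would wrongly
    # flag 'nottracker-cdn.example' for the indicator 'tracker-cdn.example'.
    labels = (host or "").lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in ioc_domains:
            return candidate
    return None


def scan_messages(messages, ioc_domains):
    """Flag every URL in the messages whose host falls under an IOC domain."""
    hits = []
    for msg in messages:
        for url in URL_RE.findall(msg["text"]):
            url = url.rstrip(".,;:!?)")  # drop sentence punctuation after a link
            try:
                host = urlsplit(url).hostname
            except ValueError:  # malformed authority, e.g. broken IPv6 literal
                continue
            ioc = matching_domain(host, ioc_domains)
            if ioc:
                hits.append({"kind": "sms_link", "when": msg["when"],
                             "sender": msg["sender"], "url": url, "ioc": ioc})
    return hits


def scan_processes(records, ioc_processes):
    """Flag log records whose process name is exactly an IOC process name."""
    return [{"kind": "process", "when": r["first_seen"], "ioc": r["process"]}
            for r in records if r["process"] in ioc_processes]


def build_timeline(bundle_json, messages, records):
    """Merge both scans into one list ordered by timestamp."""
    domains, processes = load_iocs(bundle_json)
    hits = scan_messages(messages, domains) + scan_processes(records, processes)
    return sorted(hits, key=lambda h: h["when"])


if __name__ == "__main__":
    print(*build_timeline(SAMPLE_BUNDLE, SAMPLE_SMS, SAMPLE_PROCESSES), sep="\n")
```

Shortened links are not resolved here, so a hit requires the indicator domain to appear in the message text itself.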
A similar product is iMazing, a phone-backup platform that runs on your desktop and provides an MVT-like analysis of your device. It does not prevent infections but can check your phone for IOCs.
If the best offense is defense, there’s also a growing cellphone security market. Cyberdefense firms like ZecOps offer organizations like the BBC and Fortune 2000 companies a platform that inspects phones for current infections or traces of historic attacks. ZecOps also provides this service pro bono for journalists involved in the Pegasus Project.
Private users can also buy such services. For example, the Israeli-Indian security firm SafeHouse Technologies offers an app called “BodyGuard” that provides defenses for your phone, for a small price. It already has more than a million users, mostly in India.
If you can’t get the Mobile Verification Toolkit to work and are reluctant to use an app, and you genuinely fear you have been targeted, you can also drop us a tip here and we at Haaretz will get you checked.
In Israel’s legislature, Arab politicians are leading a modest movement to examine the state’s relationship with NSO. The Arab party leader Sami Abou Shahadeh told me, “We tried to discuss this in the Knesset twice . . . to tell the Israeli politicians, You are selling death to very weak societies that are in conflict, and you’ve been doing this for too long.” He added, “It never worked, because, first and morally, they don’t see any problem with that.” Last fall, an investigation by the watchdog group Front Line Defenders identified Pegasus infections on the phones of six Palestinian activists—including one whose Jerusalem residency status had been revoked. Abou Shahadeh argued that the history of Israel’s spyware technology is tied to the surveillance of Palestinian communities in the West Bank, East Jerusalem, and Gaza. “They have a huge laboratory,” he told me. “When they were using all the same tools for a long time to spy on Palestinian citizens, nobody cared.” Asked about the targeting of Palestinians, Hulio said, “If Israel is using our tools to fight crime and terror, I would be very proud of it.”
“I know there have been misuses,” Hulio said. “It’s hard for me to live with that. And I obviously feel sorry for that. Really, I’m not just saying that. I never said it, but I’m saying it now.” Hulio said that the company has turned down ninety customers and hundreds of millions of dollars of business out of concern about the potential for abuse. But such claims are difficult to verify. “NSO wanted Western Europe mainly so they can tell guys like you, Here’s a European example,” the former Israeli intelligence official, who now works in the spyware sector, said. “But most of their business is subsidized by the Saudi Arabias of the world.” The former employee, who had knowledge of NSO’s sales efforts, said, “For a European country, they would charge ten million dollars. And for a country in the Middle East they could charge, like, two hundred and fifty million for the same product.” This seemed to create perverse incentives: “When they understood that they had misuse in those countries that they sold to for enormous amounts of money, then the decision to shut down the service for that specific country became much, much harder.”
Asked about the extreme abuses ascribed to his technology, Hulio invoked an argument that is at the heart of his company’s defense against WhatsApp and Apple. “We have no access to the data on the system,” he told me. “We don’t take part in the operation, we don’t see what the customers are doing. We have no way of monitoring it.” When a client buys Pegasus, company officials said, an NSO team travels to install two racks, one devoted to storage and another for operating the software. The system then runs with only limited connection to NSO in Israel.
But NSO engineers concede that there is some real-time monitoring of systems to prevent unauthorized tampering with or theft of their technology. And the former employee said, of Hulio’s assurances that NSO is technically prevented from overseeing the system, “That’s a lie.” The former employee recalled support and maintenance efforts that involved remote access by NSO, with the customer’s permission and live oversight. “There is remote access,” the former employee added. “They can see everything that goes on. They have access to the database, they have access to all of the data.” The senior European law-enforcement official told me, “They can have remote access to the system when we authorize them to access the system.”
NSO executives argue that, in an unregulated field, they are attempting to construct guardrails. They have touted their appointment of a compliance committee, and told me that they now maintain a list of countries ranked by risk of misuse, based on human-rights indicators from Freedom House and other groups. (They declined to share the list.) NSO also says that customers’ Pegasus systems maintain a file that records which numbers were targeted; customers are contractually obligated to surrender the file if NSO starts an investigation. “We have never had a customer say no,” Hulio told me. The company says that it can terminate systems remotely, and has done so seven times in the past few years.
The competition, Hulio argued, is far more frightening. “Companies found themselves in Singapore, in Cyprus, in other places that don’t have real regulation,” he told me. “And they can sell to whoever they want.” The spyware industry is also full of rogue hackers willing to crack devices for anyone who will pay. “They will take your computers, they will take your phone, your Gmail,” Hulio said. “It’s obviously illegal. But it’s very common now. It’s not that expensive.” Some of the technology that NSO competes with, he says, comes from state actors, including China and Russia. “I can tell you that today in China, today in Africa, you see the Chinese government giving capabilities almost similar to NSO.” According to a report from the Carnegie Endowment for International Peace, China supplies surveillance tools to sixty-three countries, often through private firms enmeshed with the Chinese state. “NSO will not exist tomorrow, let’s say,” Hulio told me. “There’s not going to be a vacuum. What do you think will happen?”
NSO is also competing with Israeli firms. Large-scale hacking campaigns, like the one in Catalonia, often use tools from a number of companies, several founded by NSO alumni. Candiru was started in 2014, by the former NSO employees Eran Shorer and Yaakov Weizman. It was allegedly linked to recent attacks on Web sites in the U.K. and the Middle East (Candiru denies the connection), and its software has been identified on the devices of Turkish and Palestinian citizens. Candiru has no Web site. The firm shares its name with a parasitic fish, native to the Amazon River basin, that drains the blood of larger fish.
QuaDream was founded two years later, by a group including two other former NSO employees, Guy Geva and Nimrod Reznik. Like NSO, it focusses on smartphones. Earlier this year, Reuters reported that QuaDream had exploited the same vulnerability that NSO used to gain access to Apple’s iMessage. QuaDream, whose offices are behind an unmarked door in the Tel Aviv suburb of Ramat Gan, appears to share with many of its competitors a reliance on regulation havens: its flagship malware, Reign, is reportedly owned by a Cyprus-based entity, InReach. According to Haaretz, the firm is among those now employed by Saudi Arabia. (QuaDream could not be reached for comment.)
Other Israeli firms pitch themselves as less reputationally fraught. Paragon, which was founded in 2018 by former Israeli intelligence officials and includes former Prime Minister Ehud Barak on its board, markets its technology to offices within the U.S. government. Paragon’s core technology focusses not on seizing complete control of phones but on hacking encrypted messaging systems like Telegram and Signal. An executive told me that it has committed to sell only to a narrow list of countries with relatively uncontroversial human-rights records: “Our strategy is to have values, which is interesting to the American market.”
In Catalonia, Gonzalo Boye, an attorney representing nineteen people targeted by Pegasus, is preparing criminal complaints to courts in Spain and other European countries, accusing NSO, as well as Hulio and his co-founders, of breaking national and E.U. laws. Boye has represented Catalan politicians in exile, including the former President Carles Puigdemont. Between March and October of 2020, analysis by the Citizen Lab found, Boye was targeted eighteen times with text messages masquerading as updates from Twitter and news sites. At least one attempt resulted in a successful Pegasus infection. Boye says that he now spends as much time as possible outside Spain. In a recent interview, he wondered, “How can I defend someone, if the other side knows exactly everything I’ve said to my client?” Hulio declined to identify specific customers but suggested that Spain’s use of the technology was legitimate. “Spain definitely has a rule of law,” he told me. “And if everything was legal, with the approval of the Supreme Court, or with the approval of all the lawful mechanisms, then it can’t be misused.” Pere Aragonès, the current President of Catalonia, told me, “We are not criminals.” He is one of three people who have served in that role whose phones have been infected with Pegasus. “What we want from the Spanish authorities is transparency.”
Last month, the European Parliament formed a committee to look into the use of Pegasus in Europe. Last week, Reuters reported that senior officials at the European Commission had been targeted by NSO spyware. The investigative committee, whose members include Puigdemont, will convene for its first session on April 19th. Puigdemont called NSO’s activities “a threat not only for the credibility of Spanish democracy, but for the credibility of European democracy itself.”
NSO Group also faces legal consequences in the U.K.: three activists recently notified the company, as well as the governments of Saudi Arabia and the U.A.E., that they plan to sue over alleged abuses of Pegasus. (The company responded that there was “no basis” for their claims.)
NSO continues to defend itself in the WhatsApp suit. This month, it filed an appeal to the U.S. Supreme Court. “If we need to go and fight, we will,” Shmuel Sunray, NSO’s general counsel, told me. Lawyers for WhatsApp said that, in their fight with NSO, they have encountered underhanded tactics, including an apparent campaign of private espionage.
On December 20, 2019, Joe Mornin, an associate at Cooley L.L.P., a Palo Alto law firm that was representing WhatsApp in its suit against NSO, received an e-mail from a woman who identified herself as Linnea Nilsson, a producer at a Stockholm-based company developing a documentary series on cybersecurity. Nilsson was cagey about her identity but so eager to meet Mornin that she bought him a first-class plane ticket from San Francisco to New York. The ticket was paid for in cash, through World Express Travel, an agency that specialized in trips to Israel. Mornin never used the ticket. A Web site for the documentary company, populated with photos from elsewhere on the Internet, soon disappeared. So did a LinkedIn profile for Nilsson.
Several months later, a woman claiming to be Anastasia Chistyakova, a Moscow-based trustee for a wealthy individual, contacted Travis LeBlanc, a Cooley partner working on the WhatsApp case, seeking legal advice. The woman sent voice-mail, e-mail, Facebook, and LinkedIn messages. Mornin identified her voice as belonging to Nilsson, and the law firm later concluded that her e-mail had come from the same block of I.P. addresses as those sent by Nilsson. The lawyers reported the incidents to the Department of Justice.
The tactics were similar to those used by the private intelligence company Black Cube, which is run largely by former officers of Mossad and other Israeli intelligence agencies, and is known for using operatives with false identities. The firm worked on behalf of the producer Harvey Weinstein to track women who had accused him of sexual abuse, and last month three of its officials received suspended prison sentences for hacking and intimidating Romania’s chief anti-corruption prosecutor.
Black Cube has been linked to at least one other case involving NSO Group. In February, 2019, the A.P. reported that Black Cube agents had targeted three attorneys involved in another suit against NSO Group, as well as a London-based journalist covering the case. The lawyers—Mazen Masri, Alaa Mahajna, and Christiana Markou—who represented hacked journalists and activists, had sued NSO and an affiliated entity in Israel and Cyprus. In late 2018, all three received messages from people who claimed to be associated with a rich firm or individual, repeatedly suggesting meetings in London. NSO Group has denied hiring Black Cube to target opponents. However, Hulio acknowledged the connection to me, saying, “For the lawsuit in Cyprus, there was one involvement of Black Cube,” because the lawsuit “came from nowhere, and I want to understand.” He said that he had not hired Black Cube for other lawsuits. Black Cube said that it would not comment on the cases, though a source familiar with the company denied that it had targeted Cooley lawyers.
“People can survive and can adapt to almost any situation,” Hulio once told me. NSO Group must now adapt to a situation in which its flagship product has become a symbol of oppression. “I don’t know if we’ll win, but we will fight,” he said. One solution was to expand the product line. The company demonstrated for me an artificial-intelligence tool, called Maestro, that scrutinizes surveillance data, builds models of individuals’ relationships and schedules, and alerts law enforcement to variations of routine that might be harbingers of crime. “I’m sure this will be the next big thing coming out of NSO,” Leoz Michaelson, one of its designers, told me. “Turning every life pattern into a mathematical vector.”
The product is already used by a handful of countries, and Hulio said that it had contributed to an arrest, after a suspect in a terrorism investigation subtly altered his routine. The company seemed to have given little consideration to the idea that this tool, too, might spur controversy. When I asked what would happen if law enforcement arrested someone based on, say, an innocent trip to the store in the middle of the night, Michaelson said, “There could be false positives.” But, he added, “this guy that is going to buy milk in the middle of the night is in the system for a reason.”
Yet the risk to bystanders is not an abstraction. Last week, Elies Campo decided to check the phones of his parents, scientists who are not involved in political activities, for spyware. He found that both had been infected with Pegasus when he visited them during the Christmas holiday in 2019. Campo told me, “The idea that anyone could be at risk from Pegasus wasn’t just a concept anymore—it was my parents sitting across the table from me.” On his mother’s phone, which had been hacked eight times, the researchers found a new kind of zero-click exploit, which attacked iMessage and iOS’s Web-browsing engine. There is no evidence that iPhones are still vulnerable to the exploit, which the Citizen Lab has given the working name Homage. When the evidence was found, Scott-Railton told Campo, “You’re not going to believe this, but your mother is patient zero for a previously undiscovered exploit.”
During a recent visit to NSO’s offices, windows and whiteboards across the space were dense with flowcharts and graphics, in Hebrew and English text, chronicling ideas for products and exploits. On one whiteboard, scrawled in large red Hebrew characters and firmly underlined, was a single word: “War!” ♦
Georgia Gee conducted additional research for this piece.
An earlier version of this story misstated the time of a Pegasus infection on a device connected to the network at 10 Downing Street.