> The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists. (from the Guardian inquiry about the same topic).
Every time we allow special laws or special tools to fight "terrorism" or "child abuse" or other evils that get people worked up, they end up being used against the people in general. Every time. Why are we even surprised.
It might hard to accept this, but "public health" is now a part of the surveillance justification tool kit too. When it's impossible to argue against measures taken in defense of public health without seeming selfish, why wouldn't it be?
Several state governments in Australia recently had to enact special legislation to stop law enforcement from using covid tracking data to find witnesses and suspects.
All state governments had initially ensured the public that the data was not available to LE, but none of them had actually passed legislation to make it unlawful until journalists discovered that the Police were using the data.
In Germany every piece of data you collect has to specifiy as narrow as possible what it is being collected for before you collect it. Using pandemic related data for policing is a data privacy violation.
Of course that didn't stop police from still going into some places and demanding the data. But doing so was a clear breach of law.
Every piece of personal data you collect creates a pull factor for various actors to abuse said data, which is why you shouldn't collect more than you need, you should delete (or anon/pseudonymize) it once it is not needed anymore or you should collect it in such a way ot wouldn't be useful for state actors.
I am amazed how the German Corona-Warn-App was designed with these principles in mind. They managed to allow people to register into locations while only storing the data locally on your phone. Your phone then downloads the data from the servers in an non-revealing way and queries it for warnings/positive cases that have been issued in these locations at that time. If yes, you get a warning and you can decide how to proceed with this without having any other actor knowing of this.
This software is a piece of art from a privacy standpoint.
At the same time the state-level regulatiins require recording name and contact data, thus making CWA not enough of a (legally accepted) solution, leaving paper lists or trainwrecks like Luca.
last may, i recall public health officials and figures coming forward to say that mass protests were acceptable because racism was a greater public health threat than covid. you can see a similar push for gun control using the same rhetoric taking shape
What health officers said is that 1st amendment rights supersede health orders. Perhaps you could link to a health officer or health order saying otherwise?
I don't recall health officers specifically saying this. But it was public policy in NYC to explicitly not trace infections spread through the George Floyd protests:
those health officials couldn't bring themselves to offend the protesters by pointing out that the protests were cesspools of shedding virus. even though the protests were cesspools of shedding virus.
Do you have any references for that? I’ve read a few informal attempts and nobody had compelling evidence that the protests caused increased transmission. Seems unlikely since they were outdoors, which is now known to be relatively safe right?
it only seems unlikely if you don't understand how covid works. covid-19 is an airborne illness that is passed through moisture between humans. humans radiate moisture when engaged in activities that increase heart rate. protest involve a lot of marching and yelling at each other, which, spread moisture through droplets, perspiration, breath etc. many protestors were mask averse, to put it mildly. so, no, not now known to be relatively safe right?
outdoors with a 6' halo is fine in most cases, even with an unvaccinated population. The protests were not that in many cases, but health officials refused to tell people to stop, for whatever reasons they had. I believe the reasons were personal cowardice and dereliction of duty in the face of being scared of being called racist.
It may be better for me to rephrase this part of my post like this:
> ""public health" is now likely to be a part of the surveillance justification tool kit too"
I don't have any specific examples, but this article gives a good gist of what might be at stake. [1]
I think this is a key quote
> "The Snowden disclosures came twelve years after the initial implementation of the Patriot Act, and it was only last year that the U.S. Court of Appeals for the 9th Circuit ruled that the subsequent dragnet surveillance employed by the NSA may well have been unconstitutional."
How do I allow laws? Or rather what does it mean to not “allow” a law?
You are right. Terrorism and cp are commonly used excuses to enable even more surveillance.
When you talk about “allowing laws” it makes it sound as if we somehow got conned into letting them have these laws. In reality powerfull people want these tools. Powerfull people get these tools. Where does the allowing happen exactly?
And don’t tell me that all would be well if only we would vote for the other guy.
>” When you talk about “allowing laws” it makes it sound as if we somehow got conned into letting them have these laws.”
This is a very Machiavellian and realpolitik take, so please keep that in mind. People in a democracy “allow” laws whenever they just continue to live normally. Sure, you can protest with signs and vote differently in the next election, but we know that’s not particularly effective at shaking the status quo.
What does “not allowing” a law look like? Civil disobedience, defiance, harassing politicians, and trying to force change. In essence, it’s average people and activists using every tool at their disposal to force the politicians to act differently. We saw plenty of this in 2020.
Vote for approval voting, ranked choice, or even instant runoff at every level of government so that voting against an incumbent at least has a viable candidate.
I worry that making voting more complicated and giving people more candidates to vote for might actually backfire.
We already see this in American primary elections where the incumbent runs against a half dozen or more “nobodies” and seems to win on name recognition and vote splitting alone.
Primaries are also winner-take-all which is why incumbents have such an advantage. Alaska got rid of party primaries and so it'll be interesting to see how the next primary goes, which will be between the top four candidates voted for in the primary.
Arguably 4 is too low a number to represent the varied interests of any state, and the first round will likely leave people unsatisfied until candidates can start researching the actual values preferences of their electorate and offer e.g. the top 4 ways to order the most important issues and alignments. I think there will be a strong force to abandon divisive hot-button issues that sound good on TV but are actually lower on most people's preference ordering.
The problem is any winner-takes-all process. Ranked choice solves ticket splitting.
For instance, many Americans heavily favored Bernie Sanders and Elizabeth Warren who were both policy candidates in 2020. With ranked choice, they would have been the P/VP pairing. Instead, it went to Joe Biden because the candidates all dropped out and gave him their endorsements months prior to the end of the primaries to prevent Sanders' nomination and to secure a little political capital.
The current system is designed (to be able to) rob any candidate who builds popular support over the establishment. For instance, superdelegates are bullshit, but they're the tool the DNC decided on to prevent another Carter from happening, which is how they viewed Sanders.
Biden didn't even campaign and ended up POTUS, and he hasn't done anything towards enacting any of the promises he gave lip service to during the debates. I just wonder if that's not backfiring, what is?
Little evidence for this strategy's efficacy. Single-issue voting doesn't carry a lot of weight and in many cases other candidates would be equally supportive of the policy.
As I often point out, surveillance is bad but so is child abuse and complaining about surveillance without acknowledging that is a good way to get ignored.
Single-issue voting has been effective for gun rights activists. But the problem is that while there is a lot of concentrated commitment among firearm owners to resisting gun laws, fewer people are as motivated on the front of surveillance; if you ask people, they might say they're against it, but it's not a priority issue. Whereas for firearms, a majority of Americans actually are in favour of more restrictions, but for those who are against them, it's a much higher priority for them. It's a classic example of the behaviour of collective action in public choice theory.
Single-issue voting in the primaries can be extremely effective. Case in point is how the NRA electorate dominates Republican primaries, even though the majority of Republicans actually support various gun control proposals (e.g. AWB).
Yes the wording is imperfect. I meant "accept", as in, not protest until they are repealed. Voting is useless as all main political parties typically agree on this.
For politicians in democracies citizens are potential voters, foreigners don't matter.
It's still arguably better than dictatorships, where your citizens don't matter either, as long as you have a good police system.
We act surprised when we notice such things but we shouldn't be, it is a mistake to apply the same standards that we, as the lucky citizens of "free countries" enjoy, to any other system of power.
From a less cynical point of view, as an Israeli, I am not happy at all to see this kind of export products from my country. It is in great part because of the conflict. Te SIGINT units are huge and among the people who graduate from the army with this kind of knowledge you will certainly find many who will turn a blind eye to ethics for a huge paycheck. Not to mention that the research itself that the defense apparatus needs attracts capitals from other countries that will buy some of it and use it for unorthodox means. I wish we exported less of these things, especially to autocratic countries. I agree it's horrible.
> in democracies citizens are potential voters, foreigners don't matter
Not long ago, what determined whether you "mattered" or not was your religion and belief. We now replaced it with a state issued piece of paper and convinced ourselves that this is progress.
That's correct from a "spiritual" point of view, but pragmatically it is possible to define a spectrum from tyranny to democracy based only on the structure of power. More precisely you can look at the number of people the ruler needs to benefit to get their way. Religion and belief are important, no doubt, but they can be separated a bit from each other with this kind of analysis. In this respect modern democracies with universal suffrage, equal rights, legal protection from state violence are a big deal. It's not necessary for them to represent "progress" to be very very valuable.
Also, "belief" has a propensity to produce circular logic (I believe in X because X is true), non-escapable rational traps (you don't believe in anything, so you believe in non believing, so you believe...), tribalism (we should convert the nonbelievers), righteousness (how can't they see it? It is the truth), wishful thinking (I believe that X is good and Y is bad so of course I will ascribe every good event to X and every bad one to Y), insincere debates, existential crisis caused by the lack of it, and so on... So as much as it's possible I in favor of leaving beliefs and religions out of the analysis.
I’m not following. Are you saying citizenship replaced religion and it functions in the same way as religion did for empires and kingdoms of yesteryear?
Living in a region full of conflict might be an additional factor why regards to ethics may be of secondary concern.
But I am sure that governments of all countries might be interested because it is just a weapons race from their perspective. A race to the bottom again.
I don't think it is the job of Israel to decide who is going to use it and how. Do we even know what countries are using it for? in most cases it is unknown. I find it a bit disingenuous that people who got no problem trading with countries like China suddenly find one case where some other country misused eavesdropping and manage to slap "Israel" in the headline as if it is their responsibility and they are the main issue here.
I an not so naive to think that the recent deals with the Gulf states and the thawing with SA are not related to these exports. We benefit from it. I am very conscious of the enormously disproportionate criticism and hate Israel gets in many circles and of course they slapped "Israel" in the headline in part for the ritual condemnation.
But two wrongs don't make a rights. It's despicable to export weapons, especially to dictatorships, no matter if you are Israel, China, Russia, Italy or Sweden (the last two being major weapon exporters but keeping themselves conveniently under the radar)
The people who work in these companies should be absolutely shunned and black listed from laundering their past by taking up a role at any major tech firm.
The people who work at NSO and companies like this are a stain on the whole tech industry and are outcasted by their own IOF peers for being greedy and morally-lacking.
Absolutely disgusting to think your hands are clean while you make tools that directly empower dictators and keep whole regions of people subjugated.
Aren't these private hacking companies breaking the law though? Does anyone know why no one has sued them or arrested them or something? From what I understand in most cases, any attempts to reverse engineer or exploit any system is against terms of service with the offender held liable. Some teenager who comes up with a game hack can be slapped with a massive fine, but these hacking companies aren't even breaking the law? How does that work?
> Aren't these private hacking companies breaking the law though?
Like Russia, Israel doesn't seem to give a damn when criminal enterprises operating in their borders victimize people in other countries. This shit has been going on for years: https://en.wikipedia.org/wiki/Download_Valley
I brought up Russia to make the point that Israel isn't the only country that operates like this. But they are one of the countries that does and their reputation for it spans decades.
2. You say 'adware', while Wikipedia says: "These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware."
3. I provided two examples of countries that operate like this, not a comprehensive list. I gave the second example to make clear that I was not claiming only one country operates like this. I already clarified this for you.
I don't think you are commenting in good faith. I will not respond to you again, even this response was doubtlessly a waste of my time.
When you get a government contract in this and similar fields, it usually comes with protection against most laws, no matter which ones are broken and where (see "Blackwater").
Rule of law is a joke. If you work for your government and don't anger the politicians you can workout sweetheart deals that will shield you from the law completely, unless you fall out of political favour.
But they are breaking the law. Same as many security agencies. It just doesn't matter.
In this case it's not directed by the Israeli state; the Israeli state just doesn't really care, and doesn't want to interfere with the post-army job prospects of intelligence personnel.
> The Israeli minister of defence closely regulates NSO, granting individual export licences before its surveillance technology can be sold to a new country.
And he's always going to say yes unless it's going to some truly extravagant abuser (e.g. North Korea), or to a customer that would cause diplomatic problems with the US (e.g. China... maybe).
The state absolutely has the power to turn this into an instrument of foreign policy; it has chosen not to do so, in order to use it as an instrument of military-industrial policy.
(To be clear - the Israeli state is absolutely the actor to put pressure on if you want this kind of thing to stop, and indeed bears moral responsibility. But the actions of these companies are not so closely tied to Israeli state interests as to make them immune to lawsuits abroad, or even in Israel if they violate Israeli law.)
No but at least try to make sure that people working for them are banned from the international security community. They are clearly not working for the good guys (specifically here French journalist under surveillance of Morocco spies)
Why would anyone sue or arrest them? They develop the software, they do not break into the phones of journalists.
The article says that the governmental agencies are breaking into the phone. These hacking companies just license their software to these governmental agencies.
If you sell it in accordance to your state regulations, I guess there will be no problem.
Isn't that basically the same as selling weapons?
(I would appreciate if no worker of the rank would accept to collaborate with manufacturing any form of weapons, but we are well past the point where lay people make their own mind about these things)
Snowden needs to repeat and remind people, over and over, that people should just not trust their electronics if they are doing sensitive work that somebody powerful elsewhere (government or a rich company) might not like.
I'm also curious how whatsapp/facebook will respond to those vulns. Hard to really trust them at all, it's really easy to imagine a conspiracy theory when intelligence agency negotiate inserting backdoors into popular software.
I'm really discouraged from working in computer security, it really looks like a shady industry.
I hate to say it, but if what you're communicating could risk your life or that of someone else you might want to avoid using computers to communicate it altogether.
Old-school techniques such as physically smuggling microdots[1] seem much safer than relying on any computer technology, which can always be hacked.
If these hacking firms succeed in chasing journalists off digital communication, I think the totalitarian regimes they serve will consider that "a win."
These firms are helping authoritarian regimes kill and imprison journalists. The journalists who survive by being paranoid will be made less effective by having to use less effective methods of communication, which likely aren't understood by the people journalists talk to (whistleblowers, witnesses, etc.)
Old-school techniques were hard to pull off even by trained spies with a proper (and vast) support network, let alone by journalists and John Rando who have never met. If you're on a watch list that gets your phone flagged for malware then it's not a stretch to assume that you can also be physically watched. And meeting in person with journalists or sources while being under surveillance is like painting a target on your back.
And that's before considering that a journalist would never have a realistic chance to meet potential sources under repressive regimes on the other side of the world, certainly not a useful number.
Computers and encryption made this kind of covert communication far more accessible to the laymen. Anything that sets that back just deters people from even trying and this is exactly the chilling effect those oppressive regimes are looking for.
"If you're on a watch list that gets your phone flagged for malware then it's not a stretch to assume that you can also be physically watched."
The difference is you need way more resources and funds to physically watch and search a lot of people than to spy on their computer communications or hack in to their phones/laptops.
Mass computer surveillance is practical, easy, and affordable.. mass physical surveillance is much harder, much more expensive, and impractical to do effectively on large populations.
> you need way more resources and funds to physically watch and search a lot of people [...] Mass computer surveillance is practical, easy, and affordable
You're right but old-school methods make everything impractical, hard, expensive, and far riskier for both the dissident who already has enough reasons to just stay quiet, and also for the journalist. They set a very high bar for succeeding. You're asking a regular person to take the end-to-end role of a Cold War spy and their source. And this when having access to sensitive info, suspicious purchases like photographic equipment and chemicals, trips abroad, or any attempt to contact a journalist would individually be enough to put someone on a watch list. There are only so many ways to get in contact with a journalist and set up meetings that don't involve any electronic communication.
The state can take a lot more than the individual. So the question is how many people who have sensitive information to share could or would go that route in face of this dramatically mounting pressure? Anything that raises that bar for doing it is a win for the oppressive regime because it makes surveillance that much easier.
How is it different? They are tools that can be used for both legal and illegal means. If you put legal responsibility on one toolmaker to ensure their tools are not used in an illegal fashion, why wouldn't you do the same for other toolmakers?
A shield can inflict damage just like a sword can. Encryption hiding the details of a murder plot can be just as crucial as an exploit that reveals a murder target's location.
And you will be jailed should you murder someone with a shield. But since the primary purpose of a shield is defense, it's assumed you will not use it as a blunt weapon. Buying a two handed longsword will definitely get you on some list, however.
Stop trying to find gotchas. Weapons (read: items whose primary goals are to inflict damage, maim, kill, injure, destroy) are and should be regulated.
The point of OP's original comment is that it isn't enough for the seller to assume that the customers will use the product in a legal manner. Once you start holding the seller legally liable for use of their product, the primary purpose of that product becomes irrelevant. All possible uses must now be considered when selling a product.
I looked into this because I was intrigued, turns out convicted felons in the good ol' United States are not allowed to purchase/wear/own body armor [1] (barring explicit exceptions).
I wonder what the rationale behind this federal law is. Does wearing/purchasing armor indicate that you, convicted felon, are simply up to no good once again? Is it one of those "you don't need ~~privacy~~ armor if you don't have anything to hide" things?
Because the state wants to make their ability to use force against rule-breakers as strong as possible. Some states even make the use of body armor while committing one crime it's own separate crime.
Journalism is already a profession running on fumes (literally, in the past. More metaphorically, today). It's just not feasible to do without technology.
People sometimes seem to imagine some world inhibited by security-conscious professions that is more akin to a slick movie than real life. Witness the common believe that, say, blocking websites at DNS levels has zero impact on crime because it's easy to circumvent.
Real-life criminals, journalists, or activists prefer Telegram over code tattooed on a messenger's scalp for the same reason we all do: hair grows too slow and nobody is getting on international flights right now. I know it's fun to imagine all these activities involving "threat actors" and steganographic key exchanges via Pornhub (Alex and Bob getting on?). But that road leads to busywork that doesn't get any corrupt politician's name on that white page.
It would be really nice if I could own my phone to the point where I could install an outgoing firewall or harden the os to my abilities instead of blind trust into the diligent but not infallible vendor.
You have touched on the real problem: Most of our digital devices have way too many attack surfaces.
If you can secure a movie from being copied by the owner of the device showing the movie, you can hide spyware on that device. That's OK for a usb gizmo you plug into your TV, but why would supposedly security minded enterprises accept that in their computers?
Yes but no. Quite frankly I love iOS and my apps and the camera etc. The big disappointment is really that there is no power user mode for the rest of us. The computer/phone is really an extension of the mind at this point and we gave up control so easily. It is as if we let corporations lock down our pleasure center.
You're a good example though for why it works so well. You're not even ready to sacrifice a bit (that bit being still disputable) to gain more control over your phone by switching the vendor. Meanwhile most people wouldn't even get your first desire. We're and have lost already.
Apologies for commenting before reading the article. But I'm curious what the sales process is for spyware. I understand the underground groups do all their stuff anonymously, but what sales ops do legitimate companies like NSO Group practice? Do they have sales targets/quotas? Do they vet their clients? What channels do they sell through?
Similar channels as any other arms manufacturer or defense contractor, as far as Israel goes they are regulated in the same manner by the same agency DECA.
They likely do not sell to anyone or for any reason that does not contribute to Israel’s foreign policy in some way or another.
That's why I keep it simple. I run things out of a closet with an air gaped computer, a single printer, and a gun...in case the printer starts acting suspicious.
You've already lost, then. Printers' output can be uniquely identified.
Nothing should ever be in dead-tree format. If you need to carry something that does not need electricity to display text, use eInk. Or build your own printer.
Some can, not all. Also, many printers are cheap, so if you are worried about this just buy them used and change them periodically. Good luck tracking someone down who bought their printer off Craig's list or at a pawn shop.
Older printers don't add identification to printed pages. I don't remember the exact year but I think the rule of thumb is that anything from the 80's or older is safe.
Israel has mandatory military service, and a lot of people go to work in their large SIGINT divisions (e.g. https://en.wikipedia.org/wiki/Unit_8200). A lot of them then leave service and go on to use those skills in the cybersecurity industry–on both sides.
Yes, and major VCs, Big Tech companies, self diagnosed contrarians and the establishment OSINT crowd see nothing wrong with it or see it as a legitimate endeavour.
I’m currently reading Nicole Pelroth’s book “This Is How They Tell Me The World Ends”, which has a big section on the NSO Group and the Pegasus Project. If even part of what she uncovered is true, then digital privacy is effectively non-existent.
Are there U.S. laws NSO Group has violated? If not, how would laws define the prohibited activity?
We’re at the point of, at the very least, barring NSO Group, its employees and its investors from travelling to the U.S., using our financial system or keeping assets here. (Which would indirectly bar our police departments and agencies from contracting with them.)
Financing terrorism is a crime. Aiding and abetting journalistic suppression should be in a similar, albeit lower severity, category.
>We’re at the point of, at the very least, barring NSO Group
I haven't followed the US response to the behaviour of NSO Group but if things like you mention have already been done I very much doubt it isn't a smokescreen. The US is arguably the biggest user and customer to these kinds of services.
>Financing terrorism is a crime
Yes but if you have the power to define what is and what isn't terrorism (or journalistic suppression) then a law is useless. Fixing this is beyond the reach of a representative democracy and the likes. It needs a full-on direct democracy and enough citizens that are against it or a Dictatorship with a dictator that is against it. Otherwise any law pretending to be against stuff like this are at best a smokescreen or at worst a plot to keep it for those in power but out of reach of anyone else.
In at least one of the articles I've read so far they mention an American citizen journalist living in the UK whose phone was hacked. He was reporting on IMDB and looks like UAE corruption was why he got hacked.
So perhaps that's a way in? If not law in civil court? pardon my lack of legal jargon/knowledge
"Also listed in the leaked records is a UK phone number belonging to the American investigative journalist Bradley Hope, who lives in London. At the time of his selection he was an employee at the Wall Street Journal."
I know it's not a foolproof solution but perhaps there should be a greater focus on ethics in Computer Science curricula? The Israeli developers who wrote this software may not even have been exposed to the moral and ethical questions writing such software ought to raise. Perhaps there should be trade associations for developers that calls out software companies that writes immoral software?
With great power comes great responsibility, and if you knowingly use your great power to write this kind of software you are a terrible person, in my opinion.
> The Israeli developers who wrote this software may not even have been exposed to the moral and ethical questions writing such software ought to raise
Of course they have been exposed to ethical questions for writing the software. If you know Israel well, and the famed Unit 8200 [0], the initial creation of this type of software is definitely built with morals in mind - saving lives is the entire impetus.
Lots of security software out of Israel (see CheckPoint, a now public company) is first born out of the IDF with the goal of fighting terrorism and criminals. I don't see an ethics class being the answer here, as this type of cyber & security software has certainly saved lives. The issue is what happens after this software is developed, with seemingly justified reason to exist, and now in the hands of a business growing around it.
I meant actual ethics - not Israeli hasbara (propaganda). Clearly, the perspective that the Israeli Defense Forces is the bravest and most moral army in the world and that everyone who resists the occupation are evil terrorists is not foreign to them! I meant real ethical questions. Do I have a responsibility if what I create is used for evil? Is "just following orders" a valid defense? Is it right to spy on people who haven't committed any crime? Is the life of a civilian on the enemy side worth less than the life of a civilian on my side?
I'm a software developer so my life is all about identifying and fixing bugs. And it is a "bug" and a big problem that developers are willing to write software to hack journalists' and activists' cell phones. We should fix this bug. More ethics education? Shunning developers writing phone hacking software? I don't know what the solution is.
The solution, as it always has been, is political and educational. A fully-rounded education is essential to creating minds that use all sources of information - historical, statistical, philosophical, religious, etc - as data fed to a critical thinking machine (your brain). And politics must be of a nature that the best conclusions are elevated while the worst are discouraged.
There will always be people who will build weapons, and those weapons can always be used on innocent people. The only hope we have is that the people holding the weapons will have the right environment and presence of mind, and we can only do that through culture and education.
It's also possible that the developers who wrote this software are very aware of the ethical questions surrounding it and have decided that the benefits to society in combatting crime and terrorism outweigh the harms from misuse of the technology. While I don't personally agree, I can see how someone could hold such an opinion.
One of the things you'll learn in an ethics class is that ethical values are heavily influenced by culture and circumstance, and there are vast differences in what different groups of people believe is ethical and not.
How are they different to the Italian developers that worked on Da Vinci/Galileo or the British and German developers that worked on FinFisher?
Plenty of people work on products that may be immoral in some application or frame of reference.
Developing technologies that facilitate the predatory practices for social media networks, ad targeting, gaming/gambling and plenty of other shit.
And this goes beyond tech I don’t think that the 40 something machinist that works at Glock in Austria or the 23 year old EE engineer that works on imagines sensors for BAE in the UK some loses sleep at night because a handgun or some guided bomb somewhere killed someone.
Well, a colleague of mine got a job offer from Google a few years ago. I was with them when they replied the recruitment email with literally nothing else than "no" :D
Lol. Sure dude, it's the programmers who are the bad guys, not the people funding the israel/palestine war or in this case the owners of the company who decide to make software that helps assasinate people.
The whole Israeli state is morally bankrupt, but that doesn't mean that Israeli software developers doesn't have any responsibility themselves. Everyone is responsible for their own actions and should at least try to act ethically.
I can't say I know where the line is. For example, would it be unethical to work for Facebook? I don't know and I don't think so. Working for an online casino? In my opinion yes, but others would disagree. Writing software that is used by authorities to hack activists cell phones? Absolutely! It's so far beyond the pale that I can't fathom how anyone could defend it.
It won't make an impact unless you go top-down. I addressed this in my other comment. It's like expecting meaningful change by having people spend less water before companies spend less water. It's not impactful or meaningful.
It doesn't matter. You need to prioritize the issues you discuss by their impact: in this case, Israeli government oversight of these companies. It's dishonest to misdirect away from the real ethical issue which is what the parent is doing. He doesn't have to say anything for me to point out that it's moving the focus away from the real problem.
People's ethics are all over the spectrum regardless of career path. The root problem is that we need to worry about the ethics of our politicians. Overall, they seem like a pretty bad bunch!
It cannot be understated how much damage this company done, not only to the quest for freedom for untold amounts of ordinary people but also to its own clients.
So - I guess everyone should use WeChat? Because I'm sure the Chinese government wouldn't put up with Israeli software being able to capture that data.
this tech is developed against vulnerable people that have no rights, like the uighur muslims in china and the palestinian muslims in israel/palestine. it is then exported all over the world to be unleashed against us all. that's why we need to look out for the "least (powerful) among us." when you protect and advocate for the rights of the weak, you are actually advocating for your future possible self, and any offspring you may bring into the world that you may care about the welfare of, after you are gone.
Can't read due to the paywall. Can anyone share the tech side of this? Did they get full access to the victims' systems? How much of this was Social Engineering?
There may be another side to this. From NSO's website:
> NSO Group licenses its products only to government intelligence and law enforcement agencies for the sole purpose of preventing and investigating terror and serious crime. Our vetting process goes beyond legal and regulatory requirements to ensure the lawful use of our technology as designed.
Also, the company's owner, Novalpina, is not Israeli, though the founders and engineers of this particular surveillance product are in Israel.
This is problematic and wrong, however, in today's climate I think the term "activist" is applied far too liberally. At times, so much that clear enemies of the state could also claim to be "activists". Another important distinction is that for journalists to be truly objective, most of the time that means they can't simultaneously be active as "activists".
Hard to think anyone is surprised that top-tier pay-to-play malware is being promulgated by Israeli firms...
Every time we allow special laws or special tools to fight "terrorism" or "child abuse" or other evils that get people worked up, they end up being used against the people in general. Every time. Why are we even surprised.