Were you not concerned with unethical and potentially fatal outcomes of your work?
I’m trying to phrase this in a way that doesn’t come standoffish - in some way you clearly _weren’t_, since you did the work. But I’m wondering whether this ever entered the picture for you, and how you dealt with that.
For some reason my original comment got flagged. It went:
I was concerned. Just as much as an average Facebook employee when it turned out someone built a psyop weapon on top of their data to manipulate elections’ outcomes.
The number of degrees of separation between average Facebook's engineer work and "direct harm to a human being" seems like it'd be orders of magnitudes higher than when working on exploits for companies with the client list like that of NSO's.
But number of affected people and the scale of impact was also on another order of magnitude.
Moreover, that tool depended on private companies that operated without any oversight. It’s a very different situation for exploits (although I agree that they often end up in the wrong hands)
NSO is probably one of the worst offenders when it comes to screening their clients. This raises ethical issues. It was a factor for me and many of my former colleagues.
However, for every abusive operation that gets exposed, there are many legitimate ones conducted by democratic governments. I think we are far from a mass-surveillance scenario, and those exploits are not as widely available as the media might portray.
I’m trying to phrase this in a way that doesn’t come standoffish - in some way you clearly _weren’t_, since you did the work. But I’m wondering whether this ever entered the picture for you, and how you dealt with that.