NSO Group: Yes, Again with the PR Trigger
January 31, 2022
I have no idea if the write up “NSO’s Pegasus Spyware Used to Target a Senior Human Rights Watch Activist” is spot on. The validity of the report is a matter for other, more youthful and intelligent individuals. My thought when reading this statement in the article went in a different direction. Here’s the quote I noted:
In a tweet, Fakih showed a screenshot of a notification she received from Apple informing her she may have been the target of a state-sponsored attacker.
Okay, surveillance. Usually surveillance requires someone to identify something as warranting observation. the paragraph continues:
Though others versions of Pegasus software uses text messages embedded with malicious links to gain access to a target’s device, Fakih said she was the victim of a “zero-click attack” that is capable of infecting a device without the target ever clicking a link. Once a target is successfully infected, NSO’s Pegasus software allows the end-user to surveil the target’s photos, documents, and even encrypted messages without the target ever knowing.
The message is that NSO Group continues to get coverage in what might be called Silicon Valley real news media. Are there other systems which provide similar functionality? Why is a cloud service unable to filter problematic activities?
The public relations magnetism of the NSO Group appears to be growing, not attenuating. Other vendors of specialized software and services whose very existence was a secret a few years ago has emerged as the equivalent of the Coca-Cola logo, McDonald’s golden arches, or the Eiffel tower.
My view is that the downstream consequences of exposing specialized software and services may have some unexpected consequences. Example: See the Golden Arches. Crave a Big Mac. What’s the NSO Group trigger evoke? More coverage, more suspicions, and more interest in the methods used to snag personal and confidential information.
Stephen E Arnold, January 31, 2022