NSO Group: Another Admission, This One Is Very, Very Negative
April 13, 2022
I don’t have much to say about the allegations in “NSO Confirms It Gave Israeli Police Access to Malware to Spy on Israelis.” The write up states:
The world’s foremost purveyor of zero-click exploits capable of completely compromising phones of targets is still in damage control mode. The damage can no longer be controlled, though. So, it’s basically just NSO admitting the nasty things said about it have been mostly true.
The article does not pull punches:
If Hulio [a big wheel at NSO Group] wants to argue about the specifics of Israeli surveillance law, that’s one thing. But to claim that “listening in on calls” and turning phones into “listening devices” isn’t spying is absurd. Even in its weakened state, the spyware was completely capable of doing plenty of surveillance. And Hulio freely admits it was used to target Israelis. That is domestic surveillance. Lawful or not, that’s what happened and that’s what NSO enabled.
I believe that NSO Group manifested the confidence and “we can do what is possible”. Unfortunately the company’s management has created some challenges for the intelware sector. There’s the frightening aspect of spyware on a phone which embeds itself without the owner of the phone clicking, answering, or tapping. Then there’s the alleged link between the Pegasus and related technology and some unfortunate outcomes. (In my book, being killed is a Grade A unfortunate outcome.) Also less robust intelware outfits operating out of Israel have to check in with a den mother before following their sales instincts and closing some deals.
The disappointing facet of this very public discussion of NSO Group’s technology and business approach is that law enforcement may find that certain technology will not be sold or licensed by some vendors. Period. That’s not helpful in my opinion. The intelware sector is going to have to relearn the policies and procedures of low profile behavior and enforcing secrecy. Can these vendors learn some new tricks? Sure. But now with reporters chasing intelware developers and lawyers circling, has the once unlimited opportunity space been converted into a digital Shrinky Dink? (Don’t know about Shrinky Dinks? Click here.)
Stephen E Arnold, April 13, 2022
NSO Group Update: Surprise! We Knew Zippo
April 13, 2022
I find it interesting that Reuters in the midst of a war, a Covid thing, and economic craziness has the desire to recycle themes about the NSO Group. “Exclusive: Senior EU Officials Were Targeted with Israeli Spyware” reports that the intelware vendor is still snagged in brambles. The news story reports that Reuters’ reporters reviewed some documents which apparently reveal more interesting applications of Pegasus and possibly other specialized services provided by the Israeli company. The alleged spying popped up as a note from the very big, very privacy talking outfit Apple. I think it would be unnerving to receive a notice like “you may be targeted” instead of “Confirm your Apple payment information.”
The trusted news source (yes, that would be Thomson Reuters) included a statement from NSO Group that suggested the firm’s specialized software was not able to perform alleged spying on EU officials. The story points out that examination of mobile devices did not reveal a smoking gun or smoking bits as it were.
Several observations:
- Real journalists from Thomson Reuters are watching NSO Group and information about the firm. I interpret this attention to mean, “More stories about NSO Group will be coming down the information highway.”
- NSO Group continues to point out that the company is mostly in the dark when these allegations become real news.
- Legal eagles will flock and frolic in Brussels and then take off, head east, and drop bundles of assorted legal documents on the individuals still working at NSO Group.
- NSO Group will get a lot of booth traffic at the ISS Telestrategies Conference in Prague in a few weeks.
Net net: The amping up of public information about NSO Group in particular and intelware in general is not helpful to a number of agencies and companies. (I spoke with a US vendor of intelware as part of the research for my Spring lectures. A spokesperson for the company said on a Zoom call, “Please, do not mention our firm to those in your law enforcement audiences.” The reason: The company wants to sell to marketing firms, not government agencies. Too much risk.)
Stephen E Arnold, April 13, 2022
NSO Group Knock On: More Attention Directed at Voyager Labs?
April 12, 2022
Not many people know about Voyager Labs, its different businesses, or its work for some government entities. From my point of view, that’s how intelware and policeware vendors should conduct themselves. Since the NSO Group’s missteps have fired up everyone from big newspaper journalists to college professors, the once low profile world of specialized software and services has come to center stage. Unfortunately most of the firms providing these once secret specialized functions are, unlike Tallulah Bankhead, ill prepared for the rigors of questions about chain smoking and a sporty life style. Israeli companies in the specialized software and services business are definitely not equipped for criticism, exposure, questioning by non military types. A degree in journalism or law is interesting, but it is the camaraderie of a military unit which is important. To be fair, this “certain blindness” can be fatal. Will NSO Group be able to survive? I don’t know. What I do know is that anyone in the intelware or policeware game has to be darned careful. The steely gaze, the hardened demeanor, and the “we know more than you do” does not play well with an intrepid reporter investigating the cozy world of secretive conferences, briefings at government hoe downs, or probing into private companies which amass user data from third-party sources for reselling to government agencies hither and yon.
Change happened.
I read “On the Internet, No One Knows You’re a Cop.” The author of the article is Albert Fox-Cahn, the founder and director of STOP. Guess what the acronym means? Give up. The answer is: The Surveillance Technology Oversight Project.
Where does this outfit hang its baseball cap with a faded New York Yankees’ emblem? Give up. The New York University Urban Justice Center. Mr. Fox-Cahn is a legal type, and he has some helpers; for example, fledgling legal eagles. (A baby legal eagle is technically eaglets or is it eaglettes. I profess ignorance.) This is not a Lone Ranger operation, and I have a hunch that others at NYU can be enjoined to pitch in for the STOP endeavor. If there is one thing college types have it is an almost endless supply of students who want “experience.” Then there is the thrill of the hunt. Eagles, as you know, have been known to snatch a retired humanoid’s poodle for sustenance. Do legal eagles enjoy the thrill of the kill, or are they following some protein’s chemical make up?
The write up states:
Increasingly, internet surveillance is operating under our consent, as police harness new software platforms to deploy networks of fake accounts, tricking the public into giving up what few privacy protections the law affords. The police can see far beyond what we know is public on these platforms, peeking behind the curtains at what we mean to show and say only to those closest to us. But none of us know these requests come from police, none of us truly consent to this new, invasive form of state surveillance, but this “consent” is enough for the law, enough for the courts, and enough to have our private conversations used against us in a court of law.
Yeah, but use of public data is legal. Never mind, I hear an inner voice speaking for the STOP professionals.
The article then trots through the issues sitting on top of a stack of reports about actions that trouble STOP; to wit, use of fake social media accounts. The idea is to gin up a fake name and operate as a sock puppet. I want to point out that this method is often helpful in certain types of investigations. I won’t list the types.
The write up then describes Voyager Labs’ specialized software and services this way:
Voyager Labs claims to perceive people’s motives and identify those “most engaged in their hearts” about their ideologies. As part of their marketing materials, they touted retrospective analysis they claimed could have predicted criminal activity before it took place based on social media monitoring.
Voyager Labs’ information was disclosed after the Los Angeles government responded to a Brennan Center Freedom of Information Act request. If you are not familiar with these documents, you can locate them at this link which I verified on April 9, 2022. Note that there are 10,000 pages of LA info, so plan on spending some time to locate the information of interest. If you want more information about Voyager Labs, navigate to the company’s Web site.
Net net: Which is the next intelware or policeware company to be analyzed by real news outfits and college professors? I don’t know, but the revelations do not make me happy. The knock on effects from the NSO Group’s missteps are not diminishing. It appears that there will be more revelations. From my point of view, these analyses provide bad actors with a road map of potholes. The bad actors become more informed, and government entities find their law enforcement and investigative efforts are dulled.
Stephen E Arnold, April 12, 2022
NSO Group, the PR Champ of Intelware Does It Again: This Time Jordan
April 11, 2022
I hope this write up “NSO Hacked New Pegasus Victims Weeks after Apple Sought Injunction” is one of those confections which prove to be plastic. You know: Like the plastic sushi in restaurant windows in Osaka. The news report based on a report from Citizen Lab and an outfit called Front Line Defenders delineates how a Jordanian journalist’s mobile device was tapped.
The article reports:
The NSO-built Pegasus spyware gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and precise location. Many victims have received text messages with malicious links, but Pegasus has more recently been able to silently hack iPhones without any user interaction, or so-called “zero-click” attacks. Apple last year bolstered iPhone security by introducing BlastDoor, a new but unseen security feature designed to filter out malicious payloads sent over iMessage that could compromise a device. But NSO was found to have circumvented the security measure with a new exploit, which researchers named ForcedEntry for its ability to break through BlastDoor’s protections. Apple fixed BlastDoor in September after the NSO exploit was found to affect iPads, Macs, and Apple Watches, not just iPhones.
This is “old news.” The incident dates from 2021, and since that time the MBA infused, cowboy software has sparked a rethinking of how software from a faithful US ally can be sold and to whom. Prior to the NSO Group’s becoming the poster child for mobile surveillance, the intelware industry was chugging along in relative obscurity. Those who knew about specialized software and services conducted low profile briefings and talks out of the public eye. What better place to chat than at a classified or restricted attendance conference? Certainly not in the pages of online blogs, estimable “real news” organs, or in official government statements.
Apple, the big tech company which cares about most of its customers and some of its employees (exceptions are leakers and those who want to expose certain Apple administrative procedures related to personnel), continues to fix its software. These fixes, as Microsoft’s security professionals have learned, can be handled by downplaying the attack surface its systems present to bad actors. Other tactics include trying to get assorted governments to help blunt the actions of bad actors and certain nation states which buy intelware for legitimate purposes. How this is to be accomplished remains a mystery to me, but Apple wanted an injunction to slow down the NSO Group’s exploit capability. How did that work out? Yeah. Other tactics include rolling out products in snazzy online events, making huge buyout plays, and pointing fingers at everyone except those who created the buggy and security-lax software.
I am not sure where my sympathies lie. Yes, I understand the discomfort the Jordanian target has experienced, but mobile devices are surveilled 24×7 now. I understand that. Do you? I am not sure if I resonate with either NSO Group’s efforts to build its business. I know I don’t vibrate like the leaves in the apple orchard.
The context for these intelware issues is a loss of social responsibility which I think begins at an early age. Without consequences, what exactly happens? My answer is, “Lots of real news, outrage, and not much else.” Without consequences, why should ethics, responsible behavior, and appropriate regulatory controls come into play?
Stephen E Arnold, April 11, 2022
Google: Nosing into US Government Consulting
April 4, 2022
I spotted an item on Reddit called “Google x Palantir.” Let’s assume there’s a smidgen of truth in the post. The factoid is in a comment about Google’s naming Stephen Elliott as its head of artificial intelligence solutions for the Google public sector unit. (What happened to the wizard once involved in this type of work? Oh, well.)
The interesting item for me is that Mr. Elliott will have a particular focus on “leveraging the Palantir Foundry platform.” I thought that outfits like Praetorian Digital (now Lexipol) handled this type of specialist consulting and engineering.
What strikes me as intriguing about this announcement is that Palantir Foundry will work on the Google Cloud. Amazon is likely to be an interested party in this type of Google initiative.
Amazon has sucked up a significant number of product-centric searches. Now the Google wants to get into the “make Palantir work” business.
Plus, Google will have an opportunity to demonstrate its people management expertise, its ability to attract and retain a diverse employee group, and its ability to put some pressure on the Amazon brachial nerve.
How will Microsoft respond?
The forthcoming Netflix mockumentary “Mr. Elliott Goes to Washington” will fill someone’s hunger for a reality thriller.
And what if the Reddit post is off base? Hey, mockumentaries can be winners. Remember “This Is Spinal Tap”?
Stephen E Arnold, April 4, 2022
FinFisher Slips Beneath the Cold, Dark Sea
April 1, 2022
I read “Stage Win: FinFisher Is Bankrupt.” The main idea is that the somewhat controversial vendor of intelware is out of business. The article states:
“The end of FinFisher is not the end of the state Trojan market,” says Thorsten Schröder, who conducted the CCC FinSpy analysis together with Linus Neumann. “The employees who are now laid off will look for new jobs – presumably at competitors, who will probably also take over the customer base.” More important than the company going bankrupt, therefore, is a conclusion to the criminal proceedings. “We all hope that the end of FinFisher is just the beginning and that the competitors will also finally face legal and financial consequences,” says Linus Neumann.
What is interesting is that as information moved from “secret” to open sources, the reaction to specialized software and services has been interesting. The MBA, cowboy emulating, entrepreneurial approach to generating revenue has had an impact.
Blub, blub. Is this the sound that will haunt other vendors of specialized software and services? What if companies with fish names may face a similar fate?
Stephen E Arnold, April 1, 2022
DarkCyber, March 29, 2022: An Interview with Chris Westphal, DataWalk
March 29, 2022
Chris Westphal is the Chief Analytics Officer of DataWalk, a firm providing an investigative and analysis tool to commercial and government organizations. The 12-minute interview covers DataWalk’s unique capabilities, its data and information resources, and the firm’s workflow functionality. The video can be viewed on YouTube at this location.
Stephen E Arnold, March 29, 2022
Palantir May Be the New DCGS
March 9, 2022
It is perhaps more important than ever for our military to reliably, efficiently, and securely relay data to the other side of the world. To that end, the army is putting its faith in a firm we have covered often over the last several years. DefenseNews reports, “Palantir Scores $34M Order for Army Data Platform.” Reporter Colin Demarest writes:
“The Army Intelligence Data Platform deal includes software, training, cybersecurity activities and help with testing and initial standup of the capability, the Program Executive Office for Intelligence, Electronic Warfare and Sensors said in an announcement Feb. 22. The award signals the next step for what was once known as the Distributed Common Ground System Capability Drop 2.”
So DCGS is dead, long live AIDP. According to a statement from the Army’s Project Manager Intelligence Systems and Analytics, the platform acts as that branch’s foundation for internal intelligence and its connection to data from the intelligence community. The write-up continues:
“The Army Acquisition Support Center describes the Distributed Common Ground System as a means to buttress a commander’s understanding of threats and his or her environment. It consists of both hardware, like laptops, and software, like data filters and analytics. The Department of Defense in February 2020 named Palantir and BAE Systems as competitors on a $823 million contract to upgrade the Army’s facet of the Distributed Common Ground System. In March 2018, the Defense Department said Palantir and Raytheon would share a $876 million contract for the Distributed Common Ground System-Army Capability Drop 1.”
Perhaps this announcement will boost the intrepid firm’s stock prices. But will this technology work if the cloud goes south or a laptop fails and a replacement cannot access the data? Of course. High tech always performs as long as there are government agencies with hefty budgets.
Cynthia Murrell, March 9, 2022
NSO Group: Sued by an Outfit with Deep Pockets
March 9, 2022
Now NSO Group has an opportunity to see how legal eagles flock when Tim Apple says, “Let’s take NSO Group to court.” Tim Apple seems like such a nice person, but appearances can be deceiving.
A short news item from the Thomson Reuters outfit which wants me to trust them published “Apple Files Lawsuit against NSO Group, Saying US Citizens Were Targets.” Is this true? Tim Apple appears to believe that NSO Group took this action, but did NSO Group? NSO Group, like Tim Apple’s outfit, makes software. NSO Group then licenses its system and platform to government entities. Following this logic, Tim Apple has to prove that NSO Group did the spying. But I am no lawyer, so maybe Apple’s actual approach is different from what appeared in the news story from the news organization that wants my trust.
I don’t trust too many people, and I certainly don’t trust those in the “real” news game. My point about the Tim Apple story is that once again the NSO Group is in the public eye. More specifically an outfit called OSY Technologies is named and sharing the NSO Spotlight.
I have been clear and consistent that the marketing infused MBA thought processes of some specialized software companies were off base. I long for the good old days when vendors of technology purpose built to meet the needs of intelligence and law enforcement agencies were essentially secret. I remember the good old days of specialist conferences when people from Trovicor would stop talking when an unfamiliar face walked by the booth. No more. If I walk by a booth I could score a baseball cap with a logo or get a T shirt with a cute message and the vendor’s logo.
How about a week without the NSO Group? Unfortunately the knock on effects of hyper active people trying to make big money from a finite customer base has put intelware on the equivalent of a 24 hour Twitter stream, a Telegram public group message, and the billboard in Times Square.
The publicity is bad. The litigation, if it takes place, ensures that intelware will become more well known. I can hardly wait for diagrams showing how the NSO Group platform interacts with its software on a target’s mobile device.
Will bad actors pay attention? Oh, boy, will they. I don’t need synthetic data, a Bayesian engine, and some smart software to understand that more downside exists now than before I read the real news about Tim Apple’s flock of lawyers preparing to circle what might be a possible meal.
Stephen E Arnold, March 9, 2022
NSO Group: Now US Lawmakers Want Pegasus Information
March 7, 2022
Imagine a hearing in which elected government officials ask questions about NSO Group’s Pegasus. Once that technical information is internalized, the members will want to know if a US government agency and a company wearing a T shirt with the words “Privacy, Security, and China” printed on it use the specialized software.
“US Lawmakers Demand Answers from Apple and the FBI about the Agency’s Alleged Use of Pegasus Spyware” states:
…a pair of lawmakers in the US House are asking for some answers about the situation. The letters were signed by Rep. Jim Jordan, who is a ranking member of the House Judiciary Committee, and Rep. Mike Johnson, a ranking member of the subcommittee on civil rights. The letters were seeking information on “the FBI’s acquisition, testing, and use of NSO’s spyware,” which indicated that the FBI has acquired NSO-developed spyware tools like Pegasus and Phantom.
Will this inquiry end up in a public hearing with breathless real news people infected with Potomac Fever reporting on what once was secret?
I don’t know. But it would be a cause to celebrate if the NSO Group matter would drift into the background. Alas. Now that elected officials “demand” answers, I think I will be subjected to another flow of Pegasus/Phantom talk.
Apple is not dragging its feet in the orchard. The company has sued NSO Group for stuff only lawyers understand in addition to billing.
Will senior officials from Tim Apple’s company and the FBI participate in what will be memorialized on cable TV, YouTube, and possibly the China affiliated TikTok?
I don’t know. What I do know is that the knock on effects of the NSO Group’s cowboy approach to the digital Wild West are bigger news than Buffalo Bill’s traveling circus.
Stephen E Arnold, March 7, 2022