NSO Confirms It Gave Israeli Police Access To Malware To Spy On Israelis
from the 'hey,-we're-only-MOSTLY-as-bad-as-people-say' dept
Nearly every rumor about NSO Group has been proven true, despite plenty of early denials by the (oh, I guess we’ll be nice…) “embattled” malware merchant. The world’s foremost purveyor of zero-click exploits capable of completely compromising phones of targets is still in damage control mode. The damage can no longer be controlled, though. So, it’s basically just NSO admitting the nasty things said about have been mostly true.
Here’s the latest on NSO and its refusal (pre-mass criticism) to ask any other question than “Why not?,” brought to us by the Times of Israel.
The Israel Police was sold a version of the Pegasus spyware that is weaker than the software sold abroad but, unlike the international package, can be used against Israeli cellphones, the CEO of NSO Group said Tuesday.
Shalev Hulio confirmed to Radio103FM in an interview that police were provided with the Saifan package, which was assumed to be the case based on police rhetoric, media reports and expert opinions.
Apparently, it’s ok to assist in domestic surveillance as long as the surveillers don’t have access to the full version of the malware. That’s weird. What’s weirder is that NSO sold the full-strength version of this exploit to Israel’s enemies — a list that pretty much includes every other nation in the Middle East. They got the real exploit. Meanwhile, the locals had to make do with something less effective, presumably under the theory that this would make domestic surveillance more palatable.
But it really doesn’t. All we have is the CEO Salev Hulio’s assertions that foreign customers (including plenty of human rights abusers) couldn’t target Israeli numbers. This assertion means a whole lot less when the company is willing to bend the rules to target numbers previously declared to be off-limits. It created a version for the FBI that allowed the agency to target US phone numbers. And it crafted a variation that allowed Israeli police to bypass the rules NSO claims governs its spyware: the “forbidden” targeting of Israeli phone numbers.
This selective inability to remain consistent makes this statement by Hulio completely nonsensical.
“The police incident was not Pegasus but Saifan, a weaker version of Pegasus, with fewer capabilities and options for action. They tried to paint it as if they were spying on Israeli citizens; this of course was not true,” Hulio said.
But it is spying on Israeli citizens. You don’t target a phone with malware for any other reason if you’re a law enforcement/domestic security agency. Phones were hit with allegedly-weakened malware for one purpose: to gain intel. That is the definition of surveillance and spying. Previous reporting confirms what NSO won’t admit: its spy tech used to spy on Israeli citizens.
Pegasus is an extremely powerful tool that delivers a zero-click exploit — requiring no user interaction — allowing the spyware’s operator to remotely gain access to all of a phone’s data and functionality. It also enables operators to listen in on calls and use it as a listening device.
Israeli media reports have suggested it was only those latter capabilities that police had access to.
The latter capability is 100% spying. Even if what happened was 100% lawful, it’s still spying. If Hulio wants to argue about the specifics of Israeli surveillance law, that’s one thing. But to claim that “listening in on calls” and turning phones into “listening devices” isn’t spying is absurd. Even in its weakened state, the spyware was completely capable of doing plenty of surveillance.
And Hulio freely admits it was used to target Israelis. That is domestic surveillance. Lawful or not, that’s what happened and that’s what NSO enabled. There’s no walking away from that no matter how often media figures give you the opportunity to reiterate NSO’s corporate cognitive dissonance.
Filed Under: israel, malware, pegasus, surveillance
Companies: nso group
Comments on “NSO Confirms It Gave Israeli Police Access To Malware To Spy On Israelis”
its int he wild
Thinking they are the only ones Smart enough, isnt a good idea.
Thinking that no one will Crack/hack their program to figure out how its working, isnt a good idea.
Thinking no one in the future will Keep doing it, but in the Dark and deeply Covered/protected.
Nsa need that pegasus app as it has acess to the browsing data of most americans by weeking going to the 3 big telecom comanys that control 90 per cent of broadband customers including mobile browsing data
They have DPI on all of the internet backbone anyway. They don’t really need to go to any telecom, they are already there, and have been since before the internet.
Accounts for it, doesn't it
Explains why the Israel Border Police were always there to break up the Peace Movement’s protests, but never there to protect Palestinian farmers from settler terrorism. NSO’s got blood on its hands.
Ooooh the splitting of hairs.
So the police chief was being honest when he said they never used Pegasus, they used soemthing just like it with a different name.
Now the hard work of circling back to everyone who claimed they never used Pegasus and ask if instead they used Saifan or any other NSO product just to cover the bases.