NSO Wins Phone Exploit Of The Year Award, No-Shows Award Ceremony

from the NSO-still-hasn't-worked-past-denial-apparently dept

There’s no better way to admit you’re a pariah than skipping out on a celebration of your specific talents. Roman Polanski has passed on attending awards ceremonies out of fear of being extradited to face criminal charges related to the drugging and raping of a 13-year-old girl. Polanski remains a (cautiously) celebrated film director and continues to find work, but will not show up to collect awards because he (correctly) fears direct criticism, if not an actual arrest.

It seems (somewhat) unfair to label Israeli malware purveyor NSO Group the “Roman Polanski” of cellphone exploits. But, unfair or not, here we are noting the similarities between the lauded director/accused child rapist and NSO Group, the latter of which has passed on attending (a much more informal) awards ceremony, presumably in hopes of generating less negative press and/or being accosted by unhappy attendees who want to know why NSO is still in business.

Here’s Lorenzo Fanceschi-Bicchierai with more details for Motherboard:

This year, NSO Group was nominated for the Best Mobile Bug, for the exploit known as Forced Entry, an iPhone exploit that didn’t require any interaction from the victim, meaning targets could get hacked without realizing anything happened. Security researchers praised the technical sophistication of the exploit, calling it “mind-bending,” a bug that “goes into ‘holy smokes, what?!’ area,” with “several truly beautiful aspects,” and “absolutely stunning.”

[…]

When one of the Pwnie Awards organizers Sophia D’Antoine announced the prize, she asked if anyone from NSO was present to pick it up, or if anyone else would pick it up on behalf of NSO. No one from the attendees came to pick up the prize. 

Maybe NSO Group considers the Pwnies to be the equivalent of regional Peabody awards and felt it wasn’t worth the expense to attend. Maybe the malware purveyor figures its above this sort of performative activity. Or maybe it would prefer to return to its glory days, where it sold to a number of human rights abusers while flying under the world press radar.

Whatever the case, NSO sat this one out. It was honored by some perhaps dubious peers who appreciated its ability to build a zero-click exploit that could be deployed successfully against iPhones, the acknowledged world standard for device security.

But, despite its unwillingness to accept a minor award for its exploit greatness, NSO reps still seem to consider it an honor to have been nominated, much less given an award.

“I didn’t even know that we were nominated,” Shalev Hulio, one of the founders of NSO Group, told Motherboard in an online chat. 

When Motherboard told him that the reward was a cute little pony, he said: “Ah nice :)”

Yes. Nice. But NSO is far from nice. It has made millions for years by selling its products to government entities it knows will deploy them abusively. It’s only in recent months that it has displayed a change of heart. And that change of heart seems to have been provoked solely by a much more extreme change in acceptable exploit sales parameters. NSO will still do evil when it can. But, at the moment, its options are limited. And if that means skipping out on award ceremonies while it tries to rehabilitate its image, so be it.

Filed Under: ,
Companies: nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “NSO Wins Phone Exploit Of The Year Award, No-Shows Award Ceremony”

Come to America! Taste our institutional cuisine! Enjoy accommodations you literally cannot walk away from!

Act now, and we’ll give you an offer you cannot refuse!

— Anonymous

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Subscribe: RSS Leave a comment
19 Comments
This comment has been deemed funny by the community.
Anonymous Coward says:

Come to America! Taste our institutional cuisine! Enjoy accommodations you literally cannot walk away from!

Act now, and we’ll give you an offer you cannot refuse!

Diogenes says:

its not just about sales to dictators

Hacking is illegal, so selling hacking software should likewise be illegal. I dont care if you say you wont sell to dictators (anymore). You shouldnt be selling it at all to anyone.

Anonymous Coward says:

Re:

At least in the US: “Hacking is illegal” in similar ways to “smashing stuff is illegal”. That is, it is extremely circumstantial (and depends on which definition of the term you are using).

Indeed, the library of congress even makes a list of “legal hacking” (for example jail breaking phones was, maybe still is, legal).

My point being: over generalizations like there are actually very unhelpful. They lead to reasoning that gives us stuff like “warrant proof encryption” (which is a term filled with nonsense that I wont dive into here).

Diogenes says:

Re: Re: again, hacking is illegal

Hacking as defined by law is “unauthorized computer access”, which this clearly falls under.

Anonymous Coward says:

Re: Re: Re:

You clearly didn’t get the joke: smashing stuff is illegal (vandalism) unless you’re the police carrying out a search. Similarly, hacking is illegal unless you’re a government agency looking for CSAM someone doesn’t have. Q-/

This comment has been flagged by the community. Click here to show it.

beautyfly (profile) says:

cerave hydrating sunscreen spf 50

Glide the enrichment of CeraVe hydrating mineral sunscreen Spf 50 to help your skin cells fight the boiling yet harmful sun rays. CeraVe mineral sunscreen is applied to combat the damaging UVA/UVB sun rays without contributing to irritation. It is well-made with 100% mineral titanium dioxide and zinc oxide that structures a protective skin barrier on your skin to reflect the hot rays without irritating your delicate skin.

Anonymous Coward says:

Re:

Your spam post is inaccurate in so many ways I don’t even know where to begin. I will tell you that no product consists of 100% of its active ingredient, though.

Anonymous Coward says:

Re: Re:

i would have gone with “boiling yet harmful”, but yeah.

i do wonder sometimes how the legit product manufacturers feel about these vendors and spam.

This comment has been flagged by the community. Click here to show it.

This comment has been flagged by the community. Click here to show it.

Anonymous Coward says:

Re:

If Roman Polanski did indeed drug and rape a 13-year-old girl (and the evidence he’s provided suggests he did), he could have killed her either through overdose or inflicting internal injuries. How does that make the comparison suck?

LostInLoDOS (profile) says:

Well then:

The fact that they exploited the iPhone is cause for…mild congratulations.
The award is well earned.

And, as usual, Apple patched it almost immediately. And then the patch was submitted to all the various BSD groups and patched out entirely in under 10 days total.

This is why, even more so than Linux, people don’t waste time attacking BSD! Including Apple software. You’ve got hours or days before the ninety-nine has upgraded and patched.
Unless your target device is in your hands, it’s generally a lost cause.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...