Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Government Android Blackberry Iphone Privacy

NSO Has Been Selling a Smartphone-Surveilling Malware For Six Years (nytimes.com) 98

The New York Times continues their coverage of the commercial spytech industry, noting its services "are in higher demand now that companies like Apple, Facebook and Google are using stronger encryption to protect data in their systems, in the process making it harder for government agencies to track suspects... For the last six years, the NSO Group's main product, a tracking system called Pegasus, has been used by a growing number of government agencies to target a range of smartphones -- including iPhones, Androids, and BlackBerry and Symbian systems -- without leaving a trace...to extract text messages, contact lists, calendar records, emails, instant messages and GPS locations." Slashdot reader turkeydance quotes their article: That will cost you $650,000, plus a $500,000 setup fee with an Israeli outfit called the NSO Group. You can spy on more people if you would like -- just check out the company's price list. The NSO Group is one of a number of companies that sell surveillance tools that can capture all the activity on a smartphone, like a user's location and personal contacts. These tools can even turn the phone into a secret recording device...

The company is one of dozens of digital spying outfits that track everything a target does on a smartphone. They aggressively market their services to governments and law enforcement agencies around the world. The industry argues that this spying is necessary to track terrorists, kidnappers and drug lords. The NSO Group's corporate mission statement is "Make the world a safe place"... An ethics committee made up of employees and external counsel vets potential customers based on human rights rankings set by the World Bank and other global bodies....

One of the services offered by the NSO group is "over the air stealth installation," though they can also install their spying software through Wi-Fi hot spots. One critic argues "They can say they're trying to make the world a safer place, but they are also making the world a more surveilled place."
This discussion has been archived. No new comments can be posted.

NSO Has Been Selling a Smartphone-Surveilling Malware For Six Years

Comments Filter:
  • Gee... (Score:3, Interesting)

    by 110010001000 ( 697113 ) on Sunday September 04, 2016 @08:48PM (#52826993) Homepage Journal
    I can sell you a 99 cent app that can do all that. No one checks permissions on apps.
  • I"m safe! (Score:5, Interesting)

    by NewtonsLaw ( 409638 ) on Sunday September 04, 2016 @08:50PM (#52827001)

    Haha... now those folk who mock me for having a $9 "dumb" phone will realise exactly why I've not moved my life onto an Android or iPhone device!

    • by Desler ( 1608317 )

      Because you want to make it easier for them to snoop on you?

    • This software is $500,000 setup plus $650,000 per target. So $1.15 million dollars.

      Bounty hunters track down bail jumpers for $250 (if they're easy and for $5,000 if they're hard. ($50-$100/hour isn't bad for someone without a degree).

      If someone is willing to spend over a million dollars tracking you, you'll be tracked. A million dollars will hire ten private investigators for a year.

      • by tlhIngan ( 30335 )

        This software is $500,000 setup plus $650,000 per target. So $1.15 million dollars.

        Bounty hunters track down bail jumpers for $250 (if they're easy and for $5,000 if they're hard. ($50-$100/hour isn't bad for someone without a degree).

        If someone is willing to spend over a million dollars tracking you, you'll be tracked. A million dollars will hire ten private investigators for a year.

        I suspect that's because of the relative difficulty in breaking iOS. There are a lot of flaws in it, but it's very hard to ex

        • I'm not sure if you're a fan saying "best team ever", a troll, or just very misinformed.

          If you're a big fan of Apple, that's cool. Your quarterback is the best ever. Steve Jobs was a genius. Beat the hell outta Microsoft! Stop reading here if you're a big Apple fan.

          If you're trolling, you're late. Try getting in right when the story is posted for best results.

          Lastly, I've been doing network security full time for nearly 20 years. Apple's iOS doesn't -completely- suck for some aspects of security. Conven

    • by jonwil ( 467024 )

      I have a Nokia N900 Linux phone which is so obscure and unpopular no-one is going to bother writing exploits specifically for it. And with the unofficial updates from the community I get fixes for a lot of the general bugs going around (e.g. more recent OpenSSL than the phone came with for example). And being Linux and using so much open source software I can contribute directly to the development of the thing (e.g. I have done a lot of work on updating the included set of root certificates to the latest se

    • I'm safe. I have a windows phone and nothing fucking works on it and hardly any other fucker has one (because they're shit). It's quite nice in the security through obscurity boat now that it's been abandoned by the mac people.
    • If you're an American, the joke's on you. Ever since CALEA, it's unlawful to sell a phone in the United States that doesn't have hardware level remote surveillance capabilities built-in.

      This particular badlaw was signed by Bill Clinton well before 911. Try to get a copy of the (secret, but leaked) implementing regulations if you can.

  • to cover identity, use the well tested fact that western media/'security researchers' are always willing to 'fall' for any and all obvious cyrillic clues left behind, to blame russians on all occasion.
    but don't forget to leave small amount of korean script too. very good for free publicity.

  • by whoever57 ( 658626 ) on Sunday September 04, 2016 @09:40PM (#52827199) Journal
    How is using this software not illegal under the CFAA?
    • U.S. law, Israeli company. I would assume they wouldn't have to follow U.S. law.
      • U.S. law, Israeli company. I would assume they wouldn't have to follow U.S. law.

        Yes, I understand that. However, the USA has extradited people from abroad for breaking into computers based in the USA. Also, some of the users may be in the USA.

    • by Desler ( 1608317 )

      This isn't an actual serious question, right? You aren't really that naive, are you?

      • This isn't an actual serious question, right? You aren't really that naive, are you?

        No, it was a rhetorical question, designed to show how f*cked up things are in the USA.

    • How is using this software not illegal under the CFAA?

      Ha, like they give a shit what's legal.

  • by haruchai ( 17472 ) on Sunday September 04, 2016 @09:45PM (#52827205)

    "The industry argues that this spying is necessary to track terrorists, kidnappers and drug lords"

    what about pedophiles? And Jason Bourne?

  • by khz6955 ( 4502517 ) on Sunday September 04, 2016 @11:12PM (#52827421)
    "Want to invisibly spy on 10 iPhone owners .. That will cost you $650,000, plus a $500,000 setup fee with an Israeli outfit called the NSO Group .. Since it is privately held, not much is known about the NSO Group’s finances"

    In other words a front group for the Israeli Security Service, the same people that have full control of all telephone records in the continental United States.

    NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender [citizenlab.org]
    • by AmiMoJo ( 196126 )

      It's telling that no government has set up an agency like these guys or the NSA / GCHQ, that is tasked solely with finding zero days and helping companies fix them. They could protect their citizens from the bad guys, but instead they prefer to keep their options open in case they want to make use of these services one day.

  • by Anonymous Coward
    It's "malware", not "a malware".
  • Anyone listening to my calls or texts deserves the death by boredom that will happen to them. Fuck all you spy agency assholes.
  • Let's see... If I was a terrorist, I'd have a pool of 100 or so smartphones ready to be cloned from a virgin image. When one needs to use a phone for a mission, I'd pull one randomly from the pool, install the image, and a never-used, new SIM card, and give it to the operative. When they are done with a mission, I'd wipe the phone, and return it to the pool.

  • I'm the guy who keeps saying: "So-called 'smartphones' have more holes in their security than a swisscheese or a colander, why the hell would I ever want one!?" and then I get called a 'Luddite' and any number of other names for not adopting such shitty technology -- regardless of the fact that practically every single day I read about yet another exploit someone discovered that can be used to take total and complete control of any smartphone. Then there's this story, which just confirms everything I've bee

Avoid strange women and temporary variables.

Working...