Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Privacy Security

Pegasus Spyware Seller: Blame Our Customers Not Us For Hacking (bbc.com) 104

Posted by msmash from the how-about-that dept.
The maker of powerful spy software allegedly used to hack the phones of innocent people says blaming the company is like "criticising a car manufacturer when a drunk driver crashes." From a report: NSO Group is facing international criticism, after reporters obtained a list of alleged potential targets for spyware, including activists, politicians and journalists. Investigations have begun as the list, of 50,000 phone numbers, contained a small number of hacked phones. Pegasus infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras. NSO Group has said the software is intended for use against criminals and terrorists and made available to only military, law enforcement and intelligence agencies from countries with good human-rights records. But a consortium of news organisations, led by French media outlet Forbidden Stories, has published dozens of stories based around the list, including allegations French President Emmanuel Macron's number was on it and may have been targeted.
This discussion has been archived. No new comments can be posted.

Pegasus Spyware Seller: Blame Our Customers Not Us For Hacking More

Pegasus Spyware Seller: Blame Our Customers Not Us For Hacking

Comments Filter:

  • I've heard that excuse before... (Score:5, Funny)

    by dlleigh ( 313922 ) on Thursday July 22, 2021 @09:14AM (#61607633)

    "Once the rockets are up, who cares where they come down? That's not my department!" says Wernher von Braun.

    https://tomlehrersongs.com/wer... [tomlehrersongs.com]

  • bad car analogy (Score:3)

    by LatencyKills ( 1213908 ) on Thursday July 22, 2021 @09:17AM (#61607659)
    I better one would be blaming them for the drunk driving accident if they had created SW that helped the drunk bypass an intoxication test interlock.

  • Bad analogy (Score:5, Insightful)

    by PmanAce ( 1679902 ) on Thursday July 22, 2021 @09:19AM (#61607673) Homepage
    A car is bought to be driven and used as intended.

    This software is bought to be used as a hacking tool....as intended.

    • Re: (Score:2)

      by hey! ( 33014 )

      When you're talking about equipping governments to spy on *other* governments' citizens or officials, you are outside the realm of normal legal proscriptions and protections and into the realm of espionage.

      So you'd better be careful who you sell to, because it can trigger a response up to and including assassination.

      • Well they can always pretend the buyer bought it to fight against terrorists and whatever.

        What needs to be made illegal is selling a tool which relies on hacking personal equipment like phones, as well as knowing about a security flaw and not reporting it to the manufacturer within X days (aggravated if making money out of it).

        Obviously this is not going to make security agencies happy, but just like there is no "decryption key just-for-the-good-guys", there is no "spying tool just-for-the-good-guys".

    • This. But you could go a little further because some bozo will want to say that guns are used to kill people. No, guns are primarily used to defend oneself. What you should say is that the only purpose of this software is to hack. It can't be used to prevent someone from hacking you.

  • The maker of powerful spy software allegedly used to hack the phones of innocent people says blaming the company is like "criticising a car manufacturer when a drunk driver crashes."

    Or a gun maker being sued for their product being involved in a mass-shooting.

    • The maker of powerful spy software allegedly used to hack the phones of innocent people says blaming the company is like "criticising a car manufacturer when a drunk driver crashes."

      Or a gun maker being sued for their product being involved in a mass-shooting.

      The primary purpose of a car is not to crash. Guns are designed around how well they can put ammunition into people.

      • > The primary purpose of a car is not to crash. Guns are designed around how well they can put ammunition into people.

        The primary purpose of a car is transportation. The primary purpose of a gun is to equalize the application of deadly force.

        Cars help the crippled travel a hundred miles and a gun helps a petite woman resist an attacker. Both of these are unalloyed goods.

        The primary purpose of Pegasus is to violate the fundamental human right to privacy. This is nothing but predation.

        The analogy fails.

        • The primary purpose of Pegasus is to violate the fundamental human right to privacy. This is nothing but predation.

          You'll note there's no expressed right to privacy. [umkc.edu]

          • Re: (Score:2)

            by mspohr ( 589790 )

            UN Declaration of Human Rights (most countries including the US have signed)

            Article 12

            No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

            • Arbitrary being the key (weasel) word in the sentence.

              arbitrary -based on random choice or personal whim, rather than any reason or system.

              If a government decides to do something it is not an arbitrary action.

  • Cars versus guns versus hacking tools (Score:5, Interesting)

    by twocows ( 1216842 ) on Thursday July 22, 2021 @09:21AM (#61607687)
    Cars are primarily used for their intended purpose: driving. Accidents are an unintended but (currently) inevitable consequence.

    Guns are intended to be used to kill or injure. However, there are both valid and invalid reasons to do this. Valid reasons include hunting, self-defense, and putting down tyrants. Invalid reasons include just about everything else. This is why they're a lot more controversial.

    Hacking (or cracking, if you prefer) tools are intended to be used primarily for something unethical. There may be ethical applications of compromising computer systems, but the vast majority of applications are unethical, as is the typical use case. That's why they're almost universally seen as unethical and why making them makes you a bad guy.

    • Hacking (or cracking, if you prefer) tools are intended to be used primarily for something unethical.

      Overthrowing a totalitarian government that uses technology to cement it's power.

    • This is why they're a lot more controversial.

      If they were actually controversial, TPTB wouldn't be so desperate to manufacture controversy.

    • Re:Cars versus guns versus hacking tools (Score:4, Insightful)

      by Zak3056 ( 69287 ) on Thursday July 22, 2021 @09:45AM (#61607867) Journal

      Your reasoning does not seem especially sound.

      Shooting someone: sometimes ok
      Hacking their phone: never ok

      You don't see the disconnect there?

      • Not really. Humans can be nuisances and getting rid of them may be a good solution, while technology... what did the poor phone do to you to deserve being hacked?

    • Re: (Score:3)

      by sjames ( 1099 )

      Guns are a natural analogy. As it turns out, selling a gun to a known felon is a felony. There are also a variety of laws in place that make it a crime to be willfully ignorant of the buyer's felony status.

      • Also wonder what would happen to a gun manufacturer who started to market their guns as "the perfect weapon of choice for rapists and murderers, easy to conceal and have new features that lets you more easily avoid any police".

    • Well, that depends on the hacking tool.

      IDA Pro is one of the tools I use on a regular base. Yes, this program can be used to crack programs and remove the copy protection scheme. It can also be used to do security audits of programs and analyse malware to see what it does and how to counter it.

      There are very few tools that are by definition evil. What matters is the person using it.

  • We blame you (Score:4, Informative)

    by kyoko21 ( 198413 ) on Thursday July 22, 2021 @09:22AM (#61607691)

    We blame you because apparently you vetted your customers before you sold the software so the responsibility is on you. If you did your jobs properly and did your research then you would know that you would not want them to have/use the software.

    Who knows, maybe they used the software on you guys and you didn't even know.

    Or perhaps you guys don't use iphones or android and are still on Blackberries? :-)

    • We blame you because apparently you vetted your customers before you sold the software so the responsibility is on you.

      All those mass-shootings where the person went through a vetting process. [abc10.com]

      • The thing about people is this:

        A persons day to day mood is dynamic. Today might be going great for you and you're walking on the clouds.
        Tomorrow you might get sick, fired, a friend may pass away, the economy can collapse, or all of the above.

        Just because you were vetted and determined to be ok at the time of purchase doesn't mean you'll still be in the
        same frame of mind when the World starts piling shit on you.

        It's really just human nature and, tbh, I don't really see how anything can be done about it wit

      • Re: (Score:3)

        by jythie ( 914043 )
        You would expect a private company to control its own vetting process though, rather than having it be defined by people who profit off it not functioning.

  • blaming the company is like "criticising a car manufacturer when a drunk driver crashes."

    Cars are used primarily to get people to and from work, pick up and deliver goods, take people to hospitals, etc. Spy software is used primarily to violate people's privacy, often illegally. Cars are available, for purchase, or at least for use, to almost everyone. NSO's spyware is "made available to only military, law enforcement and intelligence agencies from countries with good human-rights records".

    So on the one hand we have cars which are readily available to the general public and having universal uti

  • But we all know that guns don't kill people, people kill people, right? RIGHT?

    • Right.

      The dozen or more guns within my safe for the past few decades have neither killed nor threatened anyone.
      Have never done anything more nefarious than punch holes in paper actually.

      They're not just going to hop out, run down the street and gun down a bus full of nuns on their own.

      You have to add the Human Variable into this equation before guns become something problematic.
      ( Our species tend to F just about everything up that we touch actually )

    • "Look at what we’d kill: Mosquitoes and flies. ‘Cause they’re pests. Lions and tigers. ‘Cause it’s fun! Chickens and pigs. ‘Cause we’re hungry. Pheasants and quails. ‘Cause it’s fun. And we’re hungry. And people. We kill people ‘Cause they’re pests. And it’s fun!"

      --George Carlin

  • Identical argument applies to drug dealers...

    I their customers weren't using drugs - nothing bad would happen...

    Or human trafficers...

    • So now weapons and "cyberweapons" are addictive like drugs?

      • Re: (Score:2)

        by sjames ( 1099 )

        They sure seem to be. Police get those things to deal with the most hardened of criminals, but like a degenerate drug addict, they are soon enough making excuses for themselves using them indiscriminately against people who probably aren't even committing a crime.

      • To some governments, they sure are.

  • Comparing their product with automobiles isn't a strong analogy. Because the Drunk Driver isn't trying to crash their Car, as well cars have a lot of safety features built in to protect the passengers as well the victims as much as possible while keeping the general positive utility in tact.

    If you are going to get an analogy, I would compare it to the Gun industry While this industry rightly or wrongly has a lot of legal liability protection granted by the government. Is creating a product that its purpos

  • I kinda wonder (Score:3)

    by Opportunist ( 166417 ) on Thursday July 22, 2021 @09:35AM (#61607795)

    Considering where that company is located, do they feel the same about IG Farben and their culpability concerning the production of Zyklon B?

  • NSO Group has said the software is intended for use against criminals and terrorists and made available to only military, law enforcement and intelligence agencies from countries with good human-rights records.

    Their apparent definition of "good" is a bit too loose for my taste.

  • Comment removed based on user account deletion

  • "Spyware doesn't spy, people do"

    A company that purpose-builds a product to perform a very specific task cannot be held responsible when someone buys that product and uses it to perform that very specific task.

    Where have we heard this argument before?

  • "The maker of powerful spy software allegedly used to hack the phones of innocent people says blaming the company is like "criticising a car manufacturer when a drunk driver crashes"

    And who is handing out car keys to the drunks? Could it be "The maker of powerful spy software" ?

  • Technically true, but guns make it possible for one asshole to kill a lot of people in a short time. If you run amok with a knife, an ax or a sword, you will get stopped by regular people after a few kills at the most. Guns are massive amplifier and that makes them a problem. Same for this spyware. If they had to hack every phone individually, not many would get hacked. With this software it becomes easy and cheap to do it on mass-scale.

    The weapon-maker and weapon-trader _is_ complicit. There is no moral ar

    • " Guns are massive amplifier and that makes them a problem. "

      Incorrect.

      Stupid, desperate and / or mentally ill people with guns can become a problem.
      The sane ones have never caused any issues.

      Besides, look at the flip side.
      Guns also tend to prevent mass shootings as those who like to partake in the mass-murder profession rarely target places where folks shoot back.
      ( See: Police Stations )

      • Re: (Score:2)

        by gweihir ( 88907 )

        You are cull of crap. An amplifier is an amplifier. People that are willing to do harm to others on mass-scale are a fact that cannot be removed. End of story. Seriously.

        Also please cite 3 valid examples (outside of war) where civilians have actually "shot back" to any real effect. Because exactly the converse to your claim seems to be the truth, namely that easy gun availability amplifies the frequency of mass-shootings.

      • So I guess that you are a massive supporter of gun control then, all your arguments points in that direction but still I have my doubts.

  • But NSO Group said it had no knowledge of how some phones on the list contained remnants of spyware.

    It could be "a coincidence", the spokesman said.

    That sounds more like the punchline of a Monty Python sketch than a serious comment to the press.

  • installing beer taps in cars now? could be a thing.

  • "criticising a car manufacturer when a drunk driver crashes.”

    No, it's more akin to criticising a car salesman who sells a car to someone who doesn't know how to drive a car. The outcome is obvious so why do it ?
    Or the bartender who keeps feeding you alcohol, knowing you have to drive home, well after it has become obvious you've had too much.

    These folks create a thing that governments and intelligence agencies all salivate over fully knowing it's going to be abused to hell and back.
    Because: $

    See: W

  • ...running people over. In fact, they specifically design cars to minimise the harm caused by running people over. What is it that spyware does again? & how are regimes with recent histories of human rights violations, torture, etc. against their own citiziens most likely to use said spyware?

  • NSO Group is founded by, and for, terrorists. You can call them "ex-spies" or whatever other titles their employees previous had if you want, but they are 100% currently, and factually, terrorists. And because they are terrorists, they are also giant pussies. So they stay and hide behind the Isreali governement (also terrorists), because if that company moved out of Isreal, it would be destroyed.

    Their customers are equally at fault for misusing the product as the company is for selling it to them.

    "Oh..uh, I

  • NSO BS: NSO monitored how Pegasus was being used (Score:4, Insightful)

    by schwit1 ( 797399 ) on Thursday July 22, 2021 @11:24AM (#61608341)

    Once the phone numbers started coming in NSO could see that the targets were dissidents and journalists. NSO should have pulled the Pegasus plug on the offending government and told the targets.

  • countries with good human-rights records

    It's truly amazing how much Israel has borrowed from the Nazi apparatus. Pegasus allows them to spy on anyone who says any bad word about Israel, especially about their apartheid policies.

    If I were Ben and Jerry, I'd get new phones, because according to Israel, they're now terrorists [hamodia.com] for not allowing their ice cream to be sold in occupied territories.

  • Sure, in theory these are countries western nations readily sell weapons to. Cyber weapons are special though, they don't just use these on regional power struggles. They hit western targets with this, western targets which higher IQ intelligence agencies would be a little more careful with.

    We really don't want to push the end to end messaging paranoiacs to start developing high visibility open source minimalist cryptophones. It would be a massive boon to criminals.

  • Perhaps a mildly worded warning label should be displayed prominently on the software's packaging, e.g. "Please use this spyware responsibly."

  • We just created this ridiculously addictive pill that is easily fatal if you crush it, cut it, or in any other way damage the time-release coating. Then we marketed the holy hell out of it, and sent heaps of samples to doctors to hand out (The first hit is always free, just like on the street.). And then we flooded the distributors and supply chains, to the point that there have been individual towns that literally are receiving and distributing thousands of pills per resident per month. And then we turn

  • "criticising a car manufacturer when a drunk driver crashes."

    Or criticizing Boeing when a pilot crashes his plane, preposterous!.

  • and Degussa said the same about Zylon B.

  • So blaming the company is like criticising a car manufacturer when a drunk driver crashes?

    Maybe so, but then reguiar car manufacturers don't build their vehicles to Mil Spec for the specific purpose of causing repeated crashes with guaranteed occupancy survivability, build in target acquisition and swerve-to-hit software, and then market it specifically to alcoholics.

  • How about another take on this: It levels the playing field for everyone. All you need to do is afford a product, not an entire industry. You can be a small country with almost no 3-letter capabilities, yet can have access to this massive tool.

    Everyone can spy everyone. Another step to a "perfect information" world.

    I don't think this is a world I want though, I'll keep my dumbphone.

Slashdot Top Deals

Truly simple systems... require infinite testing. -- Norman Augustine

Close