Good fucking lord I don't even have the words

Open Letter to My Computer Science Students In the Wake of the Temporary Restraining Order

A TA at UCSD reflects on the unprecedented temporary restraining order granted against UAW 4811 's spring 2024 strike, and how CS is fueling modern genocide.

https://beatrix-morrigan.github.io/writing/in-the-wake-of-the-TRO.html

They Exposed an Israeli Spyware Firm. Now the Company Is Badgering Them in Court. May 6 2024

NSO Group, which makes Pegasus spyware, keeps trying to extract information from Citizen Lab researchers — and a judge keeps swatting it down.

"For years, cybersecurity researchers at Citizen Lab have monitored Israeli spyware firm NSO Group and its banner product, Pegasus. In 2019, Citizen Lab reported finding dozens of cases in which Pegasus was used to target the phones of journalists and human rights defenders via a WhatsApp security vulnerability.

Now NSO, which is blacklisted by the U.S. government for selling spyware to repressive regimes, is trying to use a lawsuit over the WhatsApp exploit to learn “how Citizen Lab conducted its analysis.”

The lawsuit, filed in U.S. federal court in 2019 by WhatsApp and Meta (then Facebook), alleges that NSO sent Pegasus and other malware to approximately 1,400 devices across the globe. For more than four years, NSO has failed repeatedly to get the case thrown out."

READ MORE https://theintercept.com/2024/05/06/pegasus-nso-group-israeli-spyware-citizen-lab/

Weekly output: spectrum policy, Snapdragon Seamless, spyware defenses, AI guardrails, Mark Vena podcast

For the fourth weekend in a row, I went on a long bike ride–this time, out the C&O Canal trail to Great Falls. That was one of the first destinations I visited on two wheels after I bought a bike in 1994, and the sight of the Potomac crashing over rocks has not gotten old over the 29 years since. It’s also nice to confirm that my aging body is not, in fact, too old for this. Patreon readers got a…

View On WordPress

"The European problem is that they were part once a genocide against the Jews and lot of the believes the Jews have to be right or the will be called Nazist." Wtf? Once again Europe is a continent not a country, it was Nazi Germany that did that. Why are you blaming all of Europe for that? Millions of people died fighting against Nazi Germany

Let me tell you about the Hungarian view.

First of all I personally hate this situation.

I try to educate people about the facts, but no matter what I try to show them they came up with "how much the jewish suffered how that land was theirs since forever. And they got killed."

Lot of people just saying all Arab are terrorist. 

Reasoning that palestine as a country never excited. 

They says I am the crazy one no matter what statistic I show to them, they dont care about that the Palestinians don't have water electricity. 

The are reasoning they got support before, why did they spent on guns?

All the Hungarian media is sided by the government of Israel. They forgotten that the Pegasus softwer was used against them. Our grovernment used the spyware to observe politicians journalist every person who are against the FIDESZ. This softwer one of the reason why we couldn't get any EU support in Hungary. Nobody got ever charged from the Ministry of Justice. It happened one or two years ago and the case is under the rug.

So I don't know how can I help more, because whenever I am speaking up I got the Crazy lady mark

I know I was wrong by saying every European country. And every European people. I am sorry.

In Hungary the grovernment used the Pegasus spyware to spy on journalist and politicans and everybody who dont like the System.

The spyware is Israels creation.

I am 100% sure they are using that as blackmail and they listening everything what AI Jazeera's riporters do.

If they find a proof to they are comiting crimes the newspaper would have been already dead. So because they can't kill the newspaper they are going after the journalists.

You know every critics of the Hungarian grovernment got the "Soros's paid down those" and the "Rolling dollars" indicator?

Its sounds the same schema.

The fact that all of you keep using Al Jazeera (AJ+) as a source for the situation in Palestine is really proof that you don't know what the hell you're talking about by the way. Al Jazeera is an extremely dicey piece of media funded and controlled by Qatar—you know, the modern slave state we were all mad was hosting the World Cup last year? Al Jazeera is by no means an unbiased source, it is a state-run Qatari propaganda broadcaster that is well-known for doing shit like reblogging anti-Semitic memes, downplaying any massacre perpetuated by Muslim extremists and absolutely refusing to criticize its own government's atrocities in any way, shape or form so like, maybe take whatever they tell you with a grain of salt.

In recent years, commercial spyware has been deployed by more actors against a wider range of victims, but the prevailing narrative has still been that the malware is used in targeted attacks against an extremely small number of people. At the same time, though, it has been difficult to check devices for infection, leading individuals to navigate an ad hoc array of academic institutions and NGOs that have been on the front lines of developing forensic techniques to detect mobile spyware. On Tuesday, the mobile device security firm iVerify is publishing findings from a spyware detection feature it launched in May. Of 2,500 device scans that the company's customers elected to submit for inspection, seven revealed infections by the notorious NSO Group malware known as Pegasus.

The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify's infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spyware—as it did in the seven recent Pegasus discoveries.

Daily Newsletter

Our biggest stories, handpicked for you each day.

“The really fascinating thing is that the people who were targeted were not just journalists and activists, but business leaders, people running commercial enterprises, people in government positions,” says Rocky Cole, chief operating officer of iVerify and a former US National Security Agency analyst. “It looks a lot more like the targeting profile of your average piece of malware or your average APT group than it does the narrative that’s been out there that mercenary spyware is being abused to target activists. It is doing that, absolutely, but this cross section of society was surprising to find.”

Seven out of 2,500 scans may sound like a small group, especially in the somewhat self-selecting customer base of iVerify users, whether paying or free, who want to be monitoring their mobile device security at all, much less checking specifically for spyware. But the fact that the tool has already found a handful of infections at all speaks to how widely the use of spyware has proliferated around the world. Having an easy tool for diagnosing spyware compromises may well expand the picture of just how often such malware is being used.

“NSO Group sells its products exclusively to vetted US & Israel-allied intelligence and law enforcement agencies,” NSO Group spokesperson Gil Lainer told WIRED in a statement. "Our customers use these technologies daily.”

iVerify vice president of research Matthias Frielingsdorf will present the group's Pegasus findings at the Objective by the Sea security conference in Maui, Hawaii on Friday. He says that it took significant investment to develop the detection tool because mobile operating systems like Android, and particularly iOS, are more locked down than traditional desktop operating systems and don't allow monitoring software to have kernel access at the heart of the system. Cole says that the crucial insight was to use telemetry taken from as close to the kernel as possible to tune machine learning models for detection. Some spyware, like Pegasus, also has characteristic traits that make it easier to flag. In the seven detections, Mobile Threat Hunting caught Pegasus using diagnostic data, shutdown logs, and crash logs. But the challenge, Cole says, is in refining mobile monitoring tools to reduce false positives.

Developing the detection capability has already been invaluable, though. Cole says that it helped iVerify identify signs of compromise on the smartphone of Gurpatwant Singh Pannun, a lawyer and Sikh political activist who was the target of an alleged, foiled assassination attempt by an Indian government employee in New York City. The Mobile Threat Hunting feature also flagged suspected nation state activity on the mobile devices of two Harris-Walz campaign officials—a senior member of the campaign and an IT department member—during the presidential race.

“The age of assuming that iPhones and Android phones are safe out of the box is over,” Cole says. “The sorts of capabilities to know if your phone has spyware on it were not widespread. There were technical barriers and it was leaving a lot of people behind. Now you have the ability to know if your phone is infected with commercial spyware. And the rate is much higher than the prevailing narrative.”

A U.S. district court has ordered Israeli spyware firm NSO Group to disclose documents and code related to its notorious Pegasus spyware, to WhatsApp.

Responding to the news, the Head of the Security Lab at Amnesty International, Donncha Ó Cearbhaill said:

“This decision brings us a step closer towards accountability for up to 1,400 WhatsApp users targeted with Pegasus spyware in this case, as well as the countless other individuals around the world, who have continued to be targeted since this case was filed in 2019. This court order sends a clear signal to the surveillance industry that it cannot continue to enable spyware abuse with impunity.

“NSO Group says that it only sells Pegasus to authorized government customers. Our Security Lab has documented the massive scale and breadth of the use of Pegasus against human rights defenders and journalists across the world. It is vital that targets of Pegasus find out who has purchased and deployed the spyware against them so that they can seek meaningful redress.” (Amnesty International)

(source)

In June 2019, three Israeli computer engineers arrived at a New Jersey building used by the F.B.I. They unpacked dozens of computer servers, arranging them on tall racks in an isolated room. As they set up the equipment, the engineers made a series of calls to their bosses in Herzliya, a Tel Aviv suburb, at the headquarters for NSO Group, the world’s most notorious maker of spyware. Then, with their equipment in place, they began testing.

The F.B.I. had bought a version of Pegasus, NSO’s premier spying tool. For nearly a decade, the Israeli firm had been selling its surveillance software on a subscription basis to law-enforcement and intelligence agencies around the world, promising that it could do what no one else — not a private company, not even a state intelligence service — could do: consistently and reliably crack the encrypted communications of any iPhone or Android smartphone.

Since NSO had introduced Pegasus to the global market in 2011, it had helped Mexican authorities capture Joaquín Guzmán Loera, the drug lord known as El Chapo. European investigators have quietly used Pegasus to thwart terrorist plots, fight organized crime and, in one case, take down a global child-abuse ring, identifying dozens of suspects in more than 40 countries. In a broader sense, NSO’s products seemed to solve one of the biggest problems facing law-enforcement and intelligence agencies in the 21st century: that criminals and terrorists had better technology for encrypting their communications than investigators had to decrypt them. The criminal world had gone dark even as it was increasingly going global.

But by the time the company’s engineers walked through the door of the New Jersey facility in 2019, the many abuses of Pegasus had also been well documented. Mexico deployed the software not just against gangsters but also against journalists and political dissidents. The United Arab Emirates used the software to hack the phone of a civil rights activist whom the government threw in jail. Saudi Arabia used it against women’s rights activists and, according to a lawsuit filed by a Saudi dissident, to spy on communications with Jamal Khashoggi, a columnist for The Washington Post, whom Saudi operatives killed and dismembered in Istanbul in 2018.

(continue reading)

Authoritarian Leaders and Spyware: A Threat to Global Privacy

Privacy is Dead, Long Live Privacy, or, as some might say, Give Caesar What Is Caesar’s and Goodbye, Best of Luck. It may sound like an introduction, but in this case, it is quite the opposite: these are damning phrases that symbolise a direct assault on global privacy. This time, the investigation delves into a world that everyone talks about, few truly understand, and over which opinions…

I used to live quite near the Coquitlam school district where Amanda Todd committed suicide. Nothing has changed in 10 years with school districts, teachers, parents or social media. In Seattle they just passed a caste discrimination law which I think is a joke since no nation can even get the basics of rule of law right and censorship is rampant in India. Spyware is being deployed against minorities at will. If only we could turn back time where surveillance of citizens and children wasn't the norm. 🙏 Perhaps a zoom meeting on how to help teens from people who REALLY care is needed. I could be dead wrong...FOMO ya'll.

Pegasus: El Espía Invisible que Revolucionó la Ciberseguridad y Desató una Tormenta Global

El spyware Pegasus ha estado en el centro de la controversia internacional desde su descubrimiento, siendo una de las herramientas de ciberespionaje más sofisticadas y peligrosas jamás creadas. Este artículo profundizará en la historia de Pegasus, su finalidad, y las implicaciones que ha traído para la ciberseguridad en un mundo cada vez más digitalizado. Origen de Pegasus: La Creación de un…

Israelis can't accuse others of cyber crimes

Israeli officials seized documents about Pegasus spyware from its manufacturer, NSO Group, in an effort to prevent the company from being able to comply with demands made by WhatsApp in a US court to hand over information about the invasive technology.

...

Pegasus allows NSO clients to infect smartphones with hidden software that can extract messages and photos, record calls and secretly activate microphones.