351
No one is safe from the out-of-control designer spyware industry. Export controls have failed as a means of regulating this easily abused technology. Without an immediate global moratorium on the trade, this will only get worse. washingtonpost.com/world/2021/07/…
352
NSO's claim that it is "technologically impossible” to spy on American phone numbers is a bald-faced lie: a exploit that works against Macron's iPhone will work the same on Biden's iPhone.
Any code written to prohibit targeting a country can also be unwritten. It's a fig leaf. twitter.com/Snowden/status…
353
How else can NSO's country-code targeting prohibition be bypassed? Simple:
1) Target a specially-prepared device *you control* in an eligible country code
2) Forensically capture each exploit stage as it's served to your trap device
3) Reverse it
4) Retarget anyone, anywhere twitter.com/Snowden/status…
354
NSO has no way to know if anyone has done this in the past—or is continuing to do this right now. Exploit code can be caught and copied.
Just as with a biological virus, it takes just a single digital infection for the possibility of retransmission—and mutation. Ban the trade. twitter.com/Snowden/status…
355
WaPo's editorial solution to the NSO scandal is so embarrassingly weak that it is itself a scandal. These companies (and their hosts) claim "transparency, accountability, and licensing requirements" are already in place!
You ask for less than nothing.
washingtonpost.com/opinions/2021/…
356
Let me be clear: export regulations, licensing, and reviews have been in place for years. They did not work, and cannot work.
A moratorium on the trade in intrusion software is the bare minimum for a credible response—mere triage. Anything less and the problem gets worse. twitter.com/Snowden/status…
357
This is not a maximalist position, it is simply realism. You aren't even breathing the same air as a strong position until you reach criminal liability for involvement in the trade.
358
Imagine having your columnist *murdered* and responding with a whispered appeal for the architects of that murder to fill out more paperwork next time. twitter.com/Snowden/status…
359
Contrast the @washingtonpost's half-hearted editorial, suggesting with downcast eyes that Israel and Saudi Arabia could perhaps stamp a few more papers before next murdering one of their columnists, with the Guardian invoking moratorium and liability: theguardian.com/commentisfree/…
360
@rj_gallagher You do know Amnesty & Citizenlab actually examined phones whose numbers were on the list and found forensic evidence of Pegasus, right? Pretty irresponsible to amplify an obviously false statement.
361
This is very much worth reading. Daniel Hale did a brave and important thing for the United States, and what is being done to him in response is a national disgrace. nymag.com/intelligencer/…
362
The NSO Group is running a disinformation campaign to undermine the Pegasus Project—because of course they are—but @amnesty just demolished it: twitter.com/AmnestyTech/st…
363
Whether we like it or not, adversaries and allies share a common environment, and with each passing day, we become increasingly dependent on devices that run a common code.
edwardsnowden.substack.com/p/ns-oh-god-ho…
364
This will be the future: a world of people too busy playing with their phones to notice that someone else controls them.
edwardsnowden.substack.com/p/ns-oh-god-ho…
365
If you want to see Microsoft have a heart attack, talk about defining legal liability for bad code in a commercial product. To give Facebook nightmares, talk about making it legally liable for leaks of their unnecessarily collected personal records. edwardsnowden.substack.com/p/ns-oh-god-ho…
366
how dare you twitter.com/Variety/status…
367
If we don’t do anything to stop the sale of this technology, it’s not just going to be 50,000 targets: It’s going to be 50 million targets, and it’s going to happen much more quickly than any of us expect.
edwardsnowden.substack.com/p/ns-oh-god-ho…
368
"The text made no sound. It produced no image. It offered no warning of any kind as an iMessage delivered malware directly onto her phone — and past Apple’s security systems." edwardsnowden.substack.com/p/ns-oh-god-ho…
369
Powerful: "For us to cede to governments and corporations the legal right to invade and take over our phones is to voluntarily submit ourselves to being violated." theguardian.com/commentisfree/…
370
Daniel Hale, one of the great American Whistleblowers, was just moments ago sentenced to four years in prison. His crime was telling this truth: 90% of those killed by US drones are bystanders, not the intended targets.
He should have been given a medal. twitter.com/FreedomofPress…
371
Every newspaper in America should be saying this. twitter.com/ACLU/status/14…
372
Looks like Novalpina Capital's investment in the NSO Group is going well:
news.sky.com/story/pegasus-…
373
Apple today: "In 3 months, we spent $10 billion on dividends and $66b on stock buybacks."
Sure sounds like a good time to commit $10b to improving iOS security, since companies are selling iPhone hacks for less than your lunch money to actual murderers:
washingtonpost.com/technology/202…
374
Apple's financials citing these numbers are available at the bottom of this page: apple.com/newsroom/2021/…
375
Look, @Apple has so much money that they literally don't know what to do with it — like $190 billion cash on hand. They could launch a Manhattan Project to secure the future of personal devices, rather than just keeping pace with industry.
Think different, guys. Revolutionize! twitter.com/Snowden/status…
You can find me on #nostr @ pubkey: #npub1sn0wdenkukak0d9dfczzeacvhkrgz92ak56egt7vdgzn8pv2wfqqhrjdv9. (use Damus on iOS, Amethyst on Android, or snort.social)