"Guns don't kill people. People kill people."<p>"Spyware doesn't spy on you. [Other] People spy on you."<p>Guns are a much better analogy than cars.
I see their point - I think weapon sales (like Pegasus) should be regulated but blaming the company is kind of silly. It's exactly like blaming Colt for weapon sales.<p>Should weapon sales be regulated? Sure.
Is NSO regulated by both the Israeli and US government? Sure.<p>Are those governments doing a good job regulating NSO? No.<p>Is the poor job of their regulation causing people to get hurt and NSO is complicit? Yes.<p>The solution in this case is to regulate selling Pegasus as strictly as selling weapons like the F-35 rather than like an AR-15.
It’s interesting to me that NSO spokesperson says “we don’t have any customer data”, but they also confidently assert they know how many times these hacks are used. I’ve seen the same pattern in other stories. Unfortunately the reporting never goes into how the tech works. I assume there have to be at least some SaaS aspects given what is known about its capabilities, which would mean they have access to a lot more information than they are letting on.
I really wish the public narrative concerning spyware would shift to something analogous to how we see the state monopoly on violence.<p>The police are a necessary institution that needs oversight and criticism to ensure that the dignity and rights of the population are preserved as much as possible. To that end, we don't hand over the role to private militia that has sparse regulation and no accountability.<p>NSO Group are the private police with sparse regulation and no accountability of the spyware world. They don't simply sell the means to an end, they operate and deploy those means on behalf of customers.<p>Just as we shouldn't accept police hiring private forces to kick down doors to check in on suspects, we shouldn't accept the contracting of services from NSO Group.
That is a line that signatories of the Wassenar arrangement cannot take. Israel is not officially a signatory but their own laws <i>pull-requests</i> the Wassenar arrangement and its amendments.<p>The agreement legislates what dual-use systems (that is weapons systems that also have civilian use) can countries export and under what legal obligations and conditions.<p>According to the agreement, producer/seller of dual use weapons systems is under obligation to ensure that the buyer is not abusing the weapon. Break in compliance makes the producer/seller culpable.<p>I think what this means is that if a country wants they can find legal ways of making Israel culpable. Realistically though, I doubt USA will let that happen.
Another part of this story is that the company completely denies their connection to this "list".<p>The media thus far has presented very little evidence that this list is actually from NSO Group.<p>They have provided no information on how this list was obtained and 67 phones (out of 50k) seems like a very small amount of phones (with a 55 percent success rate) to use as a basis for an international story across many major media outlets. These stories only consist of that this or this person is on the "list" (no evidence at all of spyware on their phone).
> So there should not be a list like this at all anywhere.<p>No there really shouldn't and yet there is, this is why every one is pissed at you NSO.<p>> You know, if a customer decides to misuse the system, he will not be a customer anymore.<p>If NSO has no access to customer data how do they know if their customers misuse the system? If they did find evidence of their customers misusing the system what stops them just ignoring it as a coincidence while putting out the pr message "We must hold ourselves to a higher standard"
In all this I am thinking about scale, and how many political leaders are using same tool to spy their political opponents?
I am thinking about just a few countries in which governments have discretionary right not do disclose how and where they spending tax money to the public.<p>Does anyone know's technically how is this tool exactly deployed, in the sense what prevents Chinese intelligence using same tool to spy on US officials?
This is a pretty reasonable point in my opinion. These are all countries allied with many of our own. Where is the government to government pressure to curb this bad behavior? Why is the private sector expected to be the guardian of civil liberties in other countries and the public sector let off the hook?
Sounds like how Amesys tried to defend itself in french public media a decade ago when the arab spring surveillance contracts were made public: "We make software that catches terrorists and pedophiles" was the slogan back then.
That's just not true.
They say the list is fake. The proofs are false. That they can't have 50ĸ targets. And that all clients sign to only track terrorists, and will lose much if not.
If there is no NSO master list of numbers targeted and they have no possession of customer data, then how are they also aware of how many numbers their clients target a year?
> But NSO Group said it had no knowledge of how some phones on the list contained remnants of spyware.<p>> It could be "a coincidence", the spokesman said.<p>I guess it could, but probably not
Drug dealers: blame our customers not us for selling drugs<p>No one will ever accept this kind of argument from a drug dealer, but yet they happily admit this kind of argument from this and other countless companies that business practices go against the public interest.<p>Anyone can tell me why?