Pegasus: Saudi Tracking Software for Dissidents

by Oui Sat Oct 20th, 2018 at 07:23:05 AM EST

Saudis Used Israeli Spyware to Track Khashoggi Associate, Leading Dissident | Tikun Olam |

It's well known that the leading spyware package bought by repressive regimes, intelligence agencies, and corporate malefactors is Pegasus, which was created by the Israeli hacking company, NSO Group. Its development has allowed NSO to thrive financially and become an attractive target for major corporate interests.

Apparently, companies like Blackstone Group and Verint are drawn to the revenue potential of the product, but willing to ignore the major moral conflicts that it engenders; at least until NGOs like Access Now intervene to warn them of the moral hazard.

Now, we must factor in a new and alarming element to this moral calculus. Until now, Pegasus has been used to monitor the communications of targeted individuals who are identified by its users as troublesome or threatening to various regimes. Its use has been confirmed by Citizen Lab in numerous countries, most notably in Mexico [NYT] according to a multi-part investigative series published by The New York Times. But as far as we know (and the secrecy with which Pegasus is employed doesn't permit us to know fully how it's used), the product has never been instrumental in potentially harming or killing its targets. Until now.

Saudi use of Pegasus against its critics and "enemies"

The Washington Post reports today that Canadian-Saudi dissident, Omar Abdelaziz, provided ten hours of recorded negotiations he conducted with two Saudi agents who confirmed implicitly that government agents had hacked his cell phone and knew about projects he had devised with murdered Saudi journalist, Jamal Khashoggi. Citizen Lab further confirmed that they used Pegasus to do so.

My earlier reply to Cat ...

C'mon Cat ...

The regime change offerings by the US Government with Pentagon leadership had full support of the California BIG tech companies. We're fighting TERROR ever since the 9/11 attacks ... don't you know??

Well known are the AT&T taps by the US Government plus the consortium of Five Eyes on global intelligence without borders. Five Eyes has expanded to Nine Eyes and more ... Israel's Unit 8200 and Mossad are fully equipped with raw data from the NSA and GCHQ. Furthermore there has been an active cyber warfare as part of US and NATO intelligence gathering.

I checked the blog archives here at ET and across the pond at BT ... nothing shows in a search for Google's "defection tracker" except my one diary in July 2016. I've written more diaries about colour revolutions and digital information warfare at the start of the so-called Arab Uprising. The Gulf States have weaponized social media to suppress dissent with support from US tech companies.

This is just a small part ...

'Sapere aude'

by Oui (Oui) on Sat Oct 20th, 2018 at 07:26:30 AM EST
Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story | Buzzfeed |

Apple, however, has maintained that none of this is true -- in a comment to Bloomberg, in a vociferous and detailed company statement, and in a letter to Congress signed by Apple's vice president of information security, George Stathakopoulos. Meanwhile, Bloomberg has stood steadfastly by its story and even published a follow-up account that furthered the original's claims.

The result has been an impasse between some of the world's most powerful corporations and a highly respected news organization, even in the face of questions from Congress. On Thursday evening, an indignant Cook further ratcheted up the tension in response to an inquiry from BuzzFeed News.

"There is no truth in their story about Apple," Cook told BuzzFeed News in a phone interview. "They need to do that right thing and retract it."

'Sapere aude'
by Oui (Oui) on Sat Oct 20th, 2018 at 07:37:46 PM EST
Some technical analysis:

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know - and who is telling the truth? - The Register

So which is true: did the Chinese government succeed in infiltrating the hardware supply chain and install spy chips in highly sensitive US systems; or did Bloomberg's journalists go too far in their assertions? We'll dig in.

And two days ago:

Forgotten that Chinese spy chip story? We haven't - it's still wrong, Super Micro tells SEC - The Register

As far as El Reg is concerned, while Bloomberg is generally a gold standard in journalism, there are numerous problems with the original piece. For one thing, it would be near impossible to exfiltrate data from a bugged machine in a data center as Apple and Amazon, at least, have sophisticated monitoring tools that should catch unexpected network traffic. Similarly, they should be able to detect unauthorized changes to operating systems and applications, caused by the alleged spy chips injecting backdoor code into the software stack during boot.

They also inspect hardware before it is put into production: as well as visual inspections, it is possible to scan a motherboard for electromagnetic emissions and identify anything unexpected, such as a tiny chip smuggled onto or inside a PCB - there's even a patent on this kind of technology. Finally, the chip shown in the Bloomberg piece is too small to realistically contain the necessary logic and all the data to insert a viable backdoor into a software stack. It is likely just an illustration - meaning, the journalists had no evidence of a chip to show.

by Bernard (bernard) on Wed Oct 24th, 2018 at 07:12:49 PM EST
It just smells wrong. Among other things, if you're the Chinese government you can just alter the chips supplied and sub your version in, you don't need to start doing complicated shit with adding components. It sounds like a report of a theoretical hack, though it occurs to me that there may be elements in US government who would do something like this as part of their trade war with China and as an attack on companies publicly opposed to their bullshit.
by Colman (colman at eurotrib.com) on Thu Oct 25th, 2018 at 09:26:06 AM EST

Diversity is the key to economic and political evolution.
by Cat on Wed Oct 24th, 2018 at 06:33:55 AM EST

