We all worry. You, me and the people around us. We all worry. The trick is to not be hindered by it, but worry breeds doubt. It does for nearly all of us. At this I wonder about what I see, what I hear and what I read. You see the biggest creator of doubt is the worry on who or what to trust. No matter hat the intended party was, the party creator is behind the doubt that is being created, that is until the matter in the brain is settled. When that is done there will be a backlash, either right or wrong when you stand by that position the doubt comes back, it always does. It is almost the same when you buy something expensive, and for a few days afterwards you still check sources if there was another cheaper one. We all tend to do this, it is in our nature. So this is what was in the back of my mind when I saw (at https://www.theguardian.com/technology/2021/nov/16/israeli-firm-candiru-spyware-linked-to-attacks-on-websites-uk-middle-east) by none other than what I personally consider than any politicians favourite tool Stephanie Kirchgaessner. To understand where I stand I need to take you through the article. I gave my displeasure on what she considers journalism a few times, so I am taking you by the hand in the article ‘Israeli firm’s spyware linked to attacks on websites in UK and Middle East’. The article starts with “Canada-based researchers say new evidence suggests Candiru’s software used to target critics of autocratic regimes” immediately followed by “Researchers have found new evidence that suggests spyware made by an Israeli company that was recently blacklisted in the US has been used to target critics of Saudi Arabia and other autocratic regimes” this first part indicates that this involves the NSO Group, the link in the first paragraph also links to the NSO Group blacklisting. The linked article only mention of Candiru is “and another Israeli surveillance company called Candiru had developed and supplied spyware to foreign governments”. We then get “In such attacks, spyware users launch malware against ordinary websites that are known to attract readers or users who are considered “targets of interest” by the user of the malware”, the writer then covers her back by giving us “Unlike NSO Group’s signature spyware, which is called Pegasus and infects mobile phones”. Here we get the first part of what was setting me off. The NSO Group was made part of this to paint them a specific colour of black, just like some politicians wanted to. There is no real comparison as there is a lot of useless mentions of the NSO Group. The only part that mattered in the article was “Citizen Lab said it was able to identify a computer that had been hacked by Candiru’s malware, and then used that hard drive to extract a copy of the firm’s Windows spyware. The owner of the computer was a “politically active” individual in western Europe, it said” Yet the article is massively absent of evidence, and a repetitive “Candiru declined to comment”. The article is absent of a large chunk of information on Candiru, it is absent to support “Microsoft reported that it had found victims of the spyware in Israel and Iran”, she does not say “victims of the Candiru spyware”, there are a few other parts, but these are the parts that mattered. The Guardian is playing a dangerous game by not properly informing, or deceptively informing their audience. Even as the article ends with “the commerce department said it had evidence that Candiru developed and supplied spyware to foreign governments that used it to maliciously target government officials, journalists, businesspeople, activists, academics and embassy workers. The tools also helped to enable foreign governments to conduct “transnational repression”, the department said”, the last part does not state “evidence that Candiru allegedly developed” even as we do not see a list and an explanation of what the evidence is, an explanation of what makes it evidence, not the exact parts, but some form of an explanation and in all this why was the NSO group mentioned so abundantly?
No comparison list, no header of numbers on what kind and how many were shown to be hit, all absent. A mere “Candiru may have deals with Uzbekistan, Saudi Arabia and the UAE, Forbes has reported”, so when you consider “Candiru, which was founded in 2014 and has undergone several name changes. In 2017 the company was selling its malware to clients in the Gulf, western Europe and Asia”, time was not the problem, the approach is (as I personally see it) nothing less than a farce. And if a newspaper like the Guardian will use its investigative journalists to this degree, what exactly are the others doing? I should give you worry lines, it does me. If certain sources are starting to be absent of credibility and optionally less regarded as trustworthy, what can we trust?
Oh and it just dawned on me, espionage is a tool, a universal governmental tool. So was it “supplied spyware to foreign governments”, or should it be “supplied spyware to governments”?
Lawrence van Rijn - Law Lord to be 