Tag Archives: NSO group

Two items

Yes, there are two items that are on the mind of may people. One is directly on the mind of many and as I stated in ‘Utter insanity’ on October 4th a lot of impact will be seen and the poor will get the brunt of that impact. As I see it, there is a lot that will be going wrong and even as the US Democrats are hiding behind the media slogans like ‘Biden: Republicans playing ‘Russian roulette’ with US economy over debt ceiling’, we better catch on quick. This issue is not now, it has been going on for over a decade, too much spending, no exit strategy and upping the debt every time and this has been going on since the Presidents George W Bush, Barack Obama, Donald Trump and President Joe Biden were in office. From 2001 the debt want from $6 trillion until now as it is $28 trillion. I will agree that President Biden got a really bad hand and he inherited the debt, but so did Obama and Trump. George W Bush had Afghanistan and Iraq in consequence to what happened in New York which was not on him, but ALL these presidents had the option to overhaul the Tax system and NONE of them did so, this pox is on BOTH the Republican and the Democrat houses. A budget that was there to enable big business and media but none acted over well over 20 years, so this is on more. In this Bill Clinton was the one who left the budget was in surplus so his inaction has a decent acceptable excuse. And now the Republicans say enough is enough, I cannot fault them for that. As I showed the Defence department wasted $30-$45 billion on TWO PROJECTS, two projects that does not meet the bare minimum but we go on paying those wasting the funds. Why is that? And the lack of adjusting Tax laws, not to tax the rich, but the setting of justly tax ALL. An optional setting that as offered to them in 1998, but they were eager to state that it was too hard. Now consider the Google Ads system that properly (and decently) charges the advertiser and not greedy grab the advertiser like the advertisement  agencies did for decades. So it was not that hard, was it?

And as we now see the need to ‘overhaul’ the Senate rules to end the amendment of the ‘filibuster’, a stage that has been there for a long time is now regarded by the Democrats as too hard to handle. I am not the voice for against that decision, yet consider that THEY TOO would not overhaul the tax system when it was in their administration, so is it fair? And in all this Wall Street is giving whatever ‘free’ advice the media is willing to listen to, they are so scared now. 

What was issue two?
It cones from a different corner. When the BBC gave us ‘Princess Haya: Dubai ruler had ex-wife’s phone hacked – UK court’ 8 hours ago (at https://www.bbc.co.uk/news/world-middle-east-58814978) I saw “The High Court has found that the ruler of Dubai, Sheikh Mohammed Al Maktoum, interfered with British justice by ordering the hacking of the phone of his ex-wife, Princess Haya of Jordan. The phones of her solicitors, Baroness Fiona Shackleton QC and Nick Manners, were also targeted during their divorce custody case, according to the court”, it took a few second (approximately 7.1) and my mind raced. You see the media is a nice source to use given information against them. You see, The Verge gave us on July 23rd (at https://www.theverge.com/22589942/nso-group-pegasus-project-amnesty-investigation-journalists-activists-targeted) ‘NSO’s Pegasus spyware: here’s what we know. In that article we get “NSO Group’s CEO and co-founder Shalev Hulio broadly denied the allegations, claiming that the list of numbers had nothing to do with Pegasus or NSO. He argued that a list of phone numbers targeted by Pegasus (which NSO says it doesn’t keep, as it has “no insight” into what investigations are being carried out by its clients) would be much shorter”, It is the setting of “has “no insight” into what investigations are being carried out by its clients” against the setting that the BBC gives us which is “referred to the hacking as “serial breaches of (UK) domestic criminal law”, “in violation of fundamental common law and ECHR rights”, “interference with the process of this court and the mother’s access to justice” and “abuse of power” by a head of government”, we can agree with the point of view, but where is the evidence? The NSO stated that it does not keep any, so what is the source and the foundation of the evidence? The link the BBC gives us the judgment (at https://www.judiciary.uk/judgments/al-maktoum-judgments/) yet there I see in the reference for the Hacking fact finding part:

i. The mobile phones of the mother, two of her solicitors (Baroness Shackleton and Nicholas Manners), her Personal Assistant and two members of her security staff have been the subject of unlawful surveillance during the course of the present proceedings and at a time of significant events in those proceedings.

ii. The surveillance has been carried out by using software licensed to the Emirate of Dubai or the UAE by the NSO Group.

iit. The surveillance has been carried out by servants or agents of the father, the Emirate of Dubai or the UAE.

iv. The software used for this surveillance included the capacity to track the target’s location, the reading of SMS and email messages and other messaging apps, listening to telephone calls and accessing the target’s contact lists, passwords, calendars and photographs. It would also allow recording of live activity and taking of screenshots and pictures.

Yet in all this, how was this evidence obtained? The findings rely on the setting stated by Baroness Hale, which is fair enough and she stated “In this country we do not require documentary proof. We rely heavily on oral evidence, especially from those who were present when the alleged events took place. Day after day, up and down the country, on issues large and small, judges are making up their minds whom to believe. They are guided by many things, including the inherent probabilities, any contemporaneous documentation or records, any circumstantial evidence tending to support one account rather than the other, and their overall impression of the characters and motivations of the witnesses.” Here I have a problem. Not the setting that Baroness Hale states, it applies for many cases and I would support this, yet in this technology the problem is that even those deep into this technology do not completely understand what they face. When we look at sources all over, we see a former intelligence officer from Germany who cannot state that Huawei is a danger, because their technology people do not comprehend it. We see source after source flaming the NSO group issues but they are flaming and even those sources are debated as it refers to sources from 2016, long before the Pegasus group had the software it deploys now. If we accept the words by Baroness Hale “We rely heavily on oral evidence, especially from those who were present when the alleged events took place” yet what happens when that witness the average normal person, how can that person give credibility to neural surgery? It is the same, a stage where the media relied on flaming and keeping people off balance, how can a person who does not comprehend technology be given the credibility that this court has? And should the court disregard the influence the media has, they merely need to see connected contributory manslaughter Martin Bashir was a part of, as I personally see it, his actions resulted in the path that led to the death of Lady Diana Spencer. 

In this I support “the court’s findings were based on evidence that was not disclosed to him, and that they were “made in a manner which was unfair””, I will take it one step further, if the submitted evidence is held to the cold light of day, its value will be debatable on a few levels. So when we consider “Dr William Marczak, who is based in California and is a senior research fellow at the University of Toronto’s Citizen Lab, which researches digital surveillance. He told the court he had no doubt the phones were hacked using NSO’s Pegasus software. He also concluded “with high confidence” that the phones were hacked by a single operator in a nation state. He concluded with medium confidence that it was most unlikely to be any state other than the UAE.” In this we saw the CIA with their “with high confidence” and I wonder hat it is based on. I am not attacking Dr William Marczak, there is no reason to, but when you consider “with medium confidence that it was most unlikely to be any state other than the UAE”, so he is not completely certain, he is decently certain that someone did it, but there is no evidence (aka he cannot swear) that it was the UAE, feel free to read the settings and the statements, it could have been anyone, if the evidence holds up to scrutiny and that pert is also a part I am not certain of. You see when we see “A senior member of NSO’s management team called Mrs Blair from Israel on 5 August 2020 to inform her that “it had come to their attention that their software may have been misused to monitor the mobile phones of Baroness Shackleton and HRH Princess Haya” and we hold it up to the interview in The Verge on July 23rd with Shalev Hulio we see conflicts, conflicts of optional evidence by the same source, why is that?

These are the two Items that were bugging me to some extent and as my mind is racing towards another TV series stage (it will be the third my mind designs) I wonder what the eager bored mind is able to contemplate. So as we wonder what drove the judgement (no negativity implied), I see too many strings going from one place to another and they might be just in my mind (the place between ones ears) but too much evidence does not make sense, in both stages offered and the media took centre stage to both, and the media is the weakest link of credibility, that has been personally proven a few times over.

1 Comment

Filed under Finance, IT, Law, Media, Politics, Science

The same gramophone

It started over a month ago with ‘From horse to course’ (at https://lawlordtobe.com/2021/07/23/from-horse-to-course/) there we saw the attack and the debatability on some of the presented evidence. Today we see (at https://www.theguardian.com/news/2021/sep/15/eu-poised-to-tighten-privacy-laws-after-pegasus-spyware-scandal) ‘EU commissioner calls for urgent action against Pegasus spyware’ and it would make sense, until we get to “The investigation was based on forensic analysis of phones and analysis of a leaked database of 50,000 numbers”, so in well over a month there are no top-line statistics? The list was attacked by a few well over a month ago, but here we see the Guardian, specifically Daniel Boffey hash over the same stage with nothing to show for it, so is he what some might call ‘a fucking tool’ for stakeholders or a wannabe journalist? Consider that we pretty much get the same details we saw in my article and these parts came from the BBC and the Guardian’s own article from last July. That article gave us “NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using its spyware, saying in multiple statements that it requires its government clients to use its powerful spying tools only for legitimate investigations into terrorism or crime”, so whilst we now see “analysis of a leaked database of 50,000 numbers, including that of the French president, Emmanuel Macron, and European Council president, Charles Michel”. So did Daniel forget to do his homework or was he acting on the needs of a stakeholder? I actually do not know, hence I ask here. The largest failing is that the Guardian gives us some emotional charged article and no homework was done, there is no top-line on the nations involved with the 50,000 phone numbers. All whilst I also showed (at https://lawlordtobe.com/2021/07/28/retry-or-retrial/) a few days later when The Verge got involved that 50,000 numbers imply a cost of no less than $400,000,000 which is still not looked at, so why is the Guardian (BBC too) this unable to perform? In that article ‘Retry or retrial?’ We see the Verge giving us “The Washington Post says that the list is from 2016” and that journalist no one cares about was still alive. A setting that is seemingly overlooked by TWO news organisations and none of them vetted information through a top-line which is what I would have done first. So how many of these numbers are EU numbers? How many are in France, the Netherlands, the United Kingdom, Germany or Sweden? In over a month neither newsagent got that part done and if the Verge is to be believed the 2016 list without a top-line shows newsagents to be massively incompetent. 

Added here we see the added part “A consortium of 17 media outlets, including the Guardian, revealed in July that global clients of the Israeli surveillance firm NSO Group had used hacking software to target human rights activists, journalists and lawyers”, that part negated is that the NSO group is a service branch towards governments on the tracking of criminals and terrorists. This caper costs a government “$500,000 for an extra 50 phones” (source: The Verge) all whilst the entire list represents a minimum value of $400 million. So which governments spend that much on these numbers and when you consider that it was a list of governments, we see additional info that the leaked list is a fictive list, there is no leak that hands the phone lists of all these governments and that is before we consider that one number might be on several lists. Consider that both Macron and Johnson want to know where Merkel gets her lingerie (ha ha ha). OK, that was a funny, but the setting is valid, there is a genuine need for several governments to keep track of a person and when we consider that I could have made a top-line within a week (depending on how the data looks) why did the Guardian and the BBC not succeed? Why do they not have any reference to the leaked list being a 2016 list? 

Also in the end we see the Guardian give us “NSO says it “does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets”” when we consider that we see more debatable sides to a list of 50,000, we see the lack of actions for well over a month (almost 2 months) and at no stage do we see any clear allegations against any government apart for some mention of Hungary, all whilst the top-line results could have pointed the finger at someone. Do you actually believe that the UAE or Saudi Arabia have any interest in a Dutch Human rights activist? At the prices that the NSO charges, I very much doubt it. 

So here I stand asking the Guardian (and specifically Daniel Boffey) what on earth do you think you are doing? Who are you serving, because the lack of evidence and lack of clear verifiable data implies you are not doing this for the readers, if that were true the article would have looked very different.

1 Comment

Filed under IT, Media, Military, Politics, Science

Speculative design

Many do this at times. We look at something and we think ‘What if we move part N to location X?’ It is a perfectly valid idea and it keeps a brain active and in creative mode, which tends to be good for several reasons. So I was busy thinking things out, in one it is the side of pushing another IP towards public domain, it is too soon, but not by much. So the mind started to wander. The first part was the new trojan that the NSO group is suspected off (see previous story), the second was a line in the West Wing (which I am watching again during the lockdown plus curfew. There we hear about a pen designed for NASA that works upside down, one mentions that Russia solved it by using a pencil. You might not think it, but it is actually an important part. So as these elements rolled in my mind, I wondered on adding a setting (just to piss off the Iranians) in a stage to get two for the price of one, they do use Russian hardware. As such I thought that we need a few clever boffins and as such the people should call on the NSA (No Such Agency). What if we find a way to introduce a hippocampus to the hardware? A hippocampus is a trojan that is submerged (in this case) into the firing solutions. You see at some point a target needs to be setup and that moment the link becomes a weak link. You see not all systems have additional redundant systems and I am willing to bet that Iran has the latest hardware, but not every internal system is up to the latest standard. Implying that we can add something. So what if these missiles would then automatically start to be set to point X plus 1-10 miles? A submerged trojan horse might pull that off. There are a few questions that require me to have a lot more firing system knowledge. Yet when we consider the elements rocket-firing solution-guidance, we might see that the firing solution will be the easiest transgression and these systems do require to get to a base. A solution  that will hit EVERY firing system by infecting all the systems and the infection stays where it is until it fires and then it becomes a nice 4th July showtime. And there is a nice secondary part, the person firing is the one hitting ones self. Passive aggression in full view. 

So is my view realistic? I do not know, I do not care. I merely try to design a way to stop players like Iran and I will use any way possible. All whilst politicians make claims to do something and after spending truckloads on funds on long exclusive trips that tends to include a few 5 star hotels, I on the other hand, sitting on my sofa came up with ideas that had no cost, merely a few dimes of electricity. One works in whatever way the brain gets to be (more) creative. It was the same path I followed when I designed a way to push a  meltdown in the Iranian nuclear plants. OK, I also engineered two additional valve ideas and when I file for these I might get a few additional dollars as well. I do know that these solutions are pure concept, there is no guarantee it will work. But it keeps my brain busy and if it doesn’t work, it might make for a nice additional part to some TV series or movie. The creative brain can come up with a dozen ideas, just be ready that it ends up where it was not expected to go. You might find that funny and it is, but when you consider how books, games and movies got an infusion of brilliance. You merely have to consider how they got to be. Games like Ultima 3 became inspirations to a lot more RPG games (made by other makers). The EA game ShadowCaster was by way too many overlooked, yet when you see “the 49th best computer game of all time, calling it “an admirable attempt to show that RPGs don’t have to be boring””, so why was this game not remastered and redesigned for consoles and streamings? In that same light we can review all kinds of neglected hardware and see just how creative we could get with it. Everyone is so busy in making things not work that they overlook the option to make it hurt the activator and not the target. Perhaps we need to instil the need for people who work for no such agency to get better acquainted with gaming. You might not realise it but games have been on the fringe of hardware for at least 3 decades, optionally even longer and even as some ‘embrace’ that nowadays games are more advanced, people forget that the CBM-64 and Atari ST allowed for games that were often not possible, yet the game makers found a way around their limitations. Consider a game like Impossible mission (Epyx) and the fact that this game can still be enjoyed on an 8 bit system by any number of gamers today, and they got that done on a system with a mere 38KB, it can equal a game that requires an 8GB system, so there!

There are of course a few more ideas, but it is about the concept of working with limits. I ned not explain this to programmers, but some of them will grab an Azure SDK and start from there. We forget that that same company gave us the Microsoft Assembler. Azure solutions start at 765 kilo bits, whilst assembly gives us one of the smallest useful programs for a mere 4 bytes. It is not merely what solution is used, it is about what limitations can be used to our advantage and as a snow-globe gave me the idea to meltdown a reactor, an assembly program used to overcome some security on an EA game (8 bytes) might be the path to set the firing point of the Qiam-1 to the destination point as firing point + 10000 if the destination is measured in metres. At times we forget that having more space does not work, it requires limitations to give us the creativity we required to get it done.

Just my 2 bytes on the matter.

Leave a comment

Filed under Gaming, IT, Military, Science

As questions rise

The BBC gave us the rundown late yesterday (at https://www.bbc.com/news/business-58540936) where we are given ‘Apple rushes to block ‘zero-click’ iPhone spyware’. A setting that comes at times and this is not against Apple, yet the article left me with questions. I get that there is initial finger pointing, as such pointing to the best in the field makes perfect sense to me and it is done with “it had high confidence that the Israeli hacker-for-hire firm, NSO Group, was behind that attack”, I do admit that the term ‘hacker-for-hire’ will be one that requires more precise explaining. Bill Marczak from the University of Toronto’s Citizen which first highlighted the issue gives us “we previously found evidence of zero-click spyware, but “this is the first one where the exploit has been captured so we can find out how it works,”” and this got me thinking. 

Where is the timeline? With what version of iOS does it start? Version 14, version 14.5, version 13? So how long was this in play? It is not the fault of the BBC and it is the first issue.

We then get “the security issue was exploited to plant spyware on a Saudi activist’s iPhone”, so how many activists are monitored? When was the transgression detected? How was the transgression detected? At least two of these questions require investigation and the BBC did not go there. We can argue whether they were required to do so. 

So whilst we are lulled to sleep with “Security experts have said that although the discovery is significant, most users of Apple devices should not be overly concerned as such attacks are usually highly targeted” which could be an absolute truth, we see the setting that Apple is protected. So why was the weakness there in the first place? The answer might be extremely valid, no system is truly secure, we have seen that for a long time. Yet in the moments where I saw this article I phrased a few questions that I have not seen anywhere else (as far as I could tell). And of all the people who could be infected, we get the mention of ‘Saudi activist’? The article was set to certain measures and without proper and a clear explanation there is every chance that additional questions will be asked from the University of Toronto as well. This is not against them and I have nothing against Bill Marczak (I do not know anything about him), but the stage was set in a few measures and that makes for a worrisome setting. A BBC article absent of a few facts and the insertion of a few innuendo’s. All whilst there optionally might be questions from the NSO Group. A stage where we see a setting where (in my personal opinion) someone was standing of the axial of a seesaw to keep the almost in balance. And as the NSO Group, Saudi Arabia and Apple where alternating on the seesaw, the man in the middle offset the balance by just enough to make is wonder, to make us lay blame. Yet all that happened with several facts missing and the smallest mention of “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”.

We all need to do what we need to do, yet I wonder if the BBC (and Reuters) did enough here.

Leave a comment

Filed under IT, Science

Retry or retrial?

It is time to revisit a few issues, actually one issue and a whole lot connected to it. To start, I decided to go with The Verge, it has its ducks decently in a row, the article ‘NSO’s Pegasus spyware: here’s what we know’ is the best of them all, they also make reference to a lot of articles, and they have a decent line. The article (at https://www.theverge.com/22589942/nso-group-pegasus-project-amnesty-investigation-journalists-activists-targeted) is best if you read it yourself. Mitchell Clark did a good job, and as you have read the article, I can make a few jumps. The important jump gets us to the Washington Post (at https://www.washingtonpost.com/investigations/interactive/2021/nso-spyware-pegasus-cellphones/). This came from the link in “However, much of the reporting centers around a list containing 50,000 phone numbers” and when we seek the Washington Post article, we get “reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and prime ministers also appeared on the list”, no evidence mind you, merely statement and boasting. I call it boast, because we see there that the Amnesty’s Security Lab examined 67 smartphones all whilst close to 50% had an inconclusive test. If this is 67, what about the other 49,933? So when we get to “NSO chief executive Shalev Hulio expressed concern in a phone interview with The Post about some of the details he had read in Pegasus Project stories Sunday, while continuing to dispute that the list of more than 50,000 phone numbers had anything to do with NSO or Pegasus”, my support goes to Shalev Hulio. The Washington Post has a declining amount of credibility and this does not help. From my point of view, I would have made a dashboard based on the 50,000 numbers with a clear separation, In the top layer the continents, then the countries, where we see number of mobiles, versus number of landlines. This basic setting was never done, how stupid is that? A second dashboard could be the identifying class (journalist, government, lawyer, NGO) just to coin a phrase, the Washington Post was all about emotion, not about fact. I see this as a prime time hack job, with the alleged journo’s being the hacks, we also do not get any level of trustworthy setting on how the leak got to the Washington Post. Question upon question and in the mean time we get to see “In Hungary, numbers associated with at least two media magnates were among hundreds on the list, and the phones of two working journalists were targeted and infected, forensic analysis showed” 4 people and 50,000 numbers, could the article be any less relevant? And the stupidity of the Washington Post does not end, no it goes further with “Amnesty’s forensics found evidence that Pegasus was targeted at the two women closest to Saudi columnist Khashoggi, who wrote for The Post’s Opinions section. The phone of his fiancee, Hatice Cengiz, was successfully infected during the days after his murder in Turkey on Oct. 2, 2018, according to a forensic analysis by Amnesty’s Security Lab”, we see ‘two women closest to Saudi columnist Khashoggi’, so how did they get there? Because the numbers were on the list? And when we see ‘The phone of his fiancee, Hatice Cengiz, was successfully infected’, so how was that evidence obtained? From my point of view the text “according to a forensic analysis by Amnesty’s Security Lab” just does not cover it. It even gets worse with “Also on the list were the numbers of two Turkish officials involved in investigating his dismemberment by a Saudi hit team”, I see it as a weak approach to mention “investigating his dismemberment” which was NEVER proven, the proof requires a body, they never got that, at best the man is theoretically still merely missing. And from there we get to “Khashoggi also had a wife, Hanan Elatr, whose phone was targeted by someone using Pegasus in the months before his killing. Amnesty was unable to determine whether the hack was successful”, consider the text “Amnesty was unable to determine whether the hack was successful”, if that is true, how come we get “targeted by someone using Pegasus in the months before his killing”, how was that timeline proven? It is a simple question, the article is a bad approach to give more visibility to a journalist no one gives a fuck about. I like the quote ““This is nasty software — like eloquently nasty,” said Timothy Summers, a former cybersecurity engineer at a U.S. intelligence agency and now director of IT at Arizona State University”, is it eloquent because the NSA never made it, or because an Israeli company has the lead on this? I wonder what Timothy would have said if this was an NSA application? 

And the Verge is on my side, they give us “WAIT, WHO MADE THIS LIST?”, as well as “At this point, that’s clear as mud. NSO says the list has nothing to do with its business, and claims it’s from a simple database of cellular numbers that’s a feature of the global cellular network”, which is supported by “A statement from an Amnesty International spokesperson, posted to Twitter by cybersecurity journalist Kim Zetter, says that the list indicates numbers that were marked as “of interest” to NSO’s various clients. The Washington Post says that the list is from 2016” and when we consider these quotes and we read the Washington Post article for the shite it seems to be, I wonder who is waking up to the fact that the media, all the other media is merely re-quoting what the Washington Post stated and it is absent of all kinds of facts, or they merely didn’t bother putting the facts there. 

The entire Pegasus setting seems like a Wag the Dog approach to whatever these papers want to create and it is optionally a setting (a speculative one) that this is the push from stakeholders who have an issue with the NSO group, all whilst no credible evidence is given to us that there is an actual issue. And in all this the money trail was ignored, I ignored it too, mainly because I was unaware, yet the Verge was aware and they give us “At the time, the costs were reportedly $650,000 to hack 10 iPhone or Android users, or $500,000 to infiltrate five BlackBerry users. Clients could then pay more to target additional users, saving as they spy with bulk discounts: $800,000 for an additional 100 phones, $500,000 for an extra 50 phones” this implies that the cheapest option would be 500 times $800,000, which gives us $400,000,000 that is a whole lot of cash for a lot of people no one cares about. Yes, there are a few alleged targets that makes the pricing worth it, but with the setting I have, there is no way that the 50,000 numbers make sense, oh and before I forget, if this is a list for multiple sources, how many of the numbers doubled up? Too many questions and the media stupidly reprinting what the Washington Post is giving us makes no sense at all, unless you are a stakeholder with anti-Israel sentiments. 

In this Shalev Hulio is right that he is “continuing to dispute that the list of more than 50,000 phone numbers had anything to do with NSO or Pegasus”, I would too and I found a lot of the disputable issues within an hour, I wonder how shortsighted the media was when they decided to reprint what the Washington Post gave them. So whilst the Guardian gives us ‘the global impact of the Pegasus project’, I merely see a storm in a teacup, because the issues in the Washington Post were never decently vetted on a few levels and that is likely the biggest failing of the media at present. It is merely my point of view and I am happy to state that I could be wrong, but the lack of credible evidence, all whilst the media has a declining level of credibility makes my view the most likely correct one, most likely, because I have not seen the evidence, but as you read the articles, that are all about details, lacking generic evidence, how would you see it?

1 Comment

Filed under IT, Media, Military, Politics, Science

From horse to course

Yes, there is a horse, it is not Mr. Ed, there is no kind conversation. This one has wings, and there are a few versions, including the off-spring of Lord Poseidon. Whether we believe Hesiod or not, it does not matter. Pegasus became a part of our oldest mythological stories. Yet today, Pegasus is something else, a figment from the imaginations of the NSO group and it was made real. It has been out for some time and last week we got the media and their overemotional response that it had a connection to 50,000 people, with 0.36% of these people journalists.

So what gives?
It is important to look at a few sources. The first is the BBC (at https://www.bbc.co.uk/news/world-middle-east-57922543) who gives us ‘Princess Latifa and Princess Haya numbers ‘among leaks’’, perhaps yes, perhaps no, who cares? We do get “The discovery of the princesses’ phone numbers on the list – and those of some acquaintances – has raised questions about whether they could have been the possible target of a government client of the group.” And here the questions start and the BBC is not asking them. Just like it is steering clear of alleged man-slaughterer Martin Bashir. So when we see ‘could have been the possible target of a government client of the group’ could is here the operative word. You see, no one is doubting that list, no one has given us a clear rundown of the names, a dashboard if you like, with the option to drill per nation and per class of person. This could all be a ruse of anti-Israeli groups, optionally the ruse of a competitor. And when we see “NSO has denied any wrongdoing. It says the software is intended for use against criminals and terrorists, and is made available only to military, law enforcement and intelligence agencies with good human rights records”, so which government leaked the list and how did THAT government leak what is implied to be a complete list? Then we get to the option that the leak came from within the NSO Group, which might be the most ludicrous thought, but I tend to look at all angles, so it is an angle that is most unlikely, but the chance is not zero. The article is all about Princess Latifa, not much about the NSO Group, it is an emotional lamentation to steer clear of massive screw ups like Jimmy Savile, Lord McAlpine, Sir Cliff Richard, and Lady Diana Spencer. As some say, the credibility of the BBC has never been lower. 

The second article is also from the BBC (at https://www.bbc.com/news/technology-57922664) less than a day ago gives us ‘Pegasus spyware seller: Blame our customers, not us, for hacking’. Here we are given “Investigations have begun as the list, of 50,000 phone numbers, contained a small number of hacked phones”, silly me for thinking that when we see ‘Investigations have begun’, we also get ‘a small number of hacked phones’, as such there is a much larger stage, and the BBC gives us “Pegasus infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras”, so if there are only a small number of hacked phones, how does that part matter? And when we get “a consortium of news organisations, led by French media outlet Forbidden Stories, has published dozens of stories based around the list, including allegations French President Emmanuel Macron’s number was on it and may have been targeted.” We get the real deal, a consortium of news organisations, led by Forbidden Stories hide behind ‘allegations’ and ‘may have been targeted’. Is anyone catching on? The media want to create emotional waves, yet does not want to be held accountable for their actions. The stakeholders are key here. A ‘consortium’ implies shareholders and stakeholders. It implies also that their issue is not that the NSO Group might do something outside of governments, it might show that the media does a lot more to anger the audience it desperately needs. 

And then the media does one more jab towards a currently missing journalist no one cares about with “including those close to murdered Washington Post columnist Jamal Khashoggi”, this is the emotional stage handed to us. It is “67 agreed to give Forbidden Stories their phones for forensic analysis. And this research, by Amnesty International Security Labs, reportedly found evidence of potential targeting by Pegasus on 37 of those”, so out of 50,000 we see that 67 are investigated and potentially we see 37 are targets, but there is no evidence that the NSO Group did this, these 37 might have been targets of the NSA or even the DGSE. 

And at this point there is one interesting flaw. If it was me, the first think I did was set up a dashboard that allows us to see where these 50,000 names are part of, where they are and how they were hacked. They have had a week and the stretch of media that gives us emotion after emotion is a much larger stage of stakeholders that need a negative view to be pushed onto the NSO Group. I admit that my view is equally speculative, but is it a wrong view? 

Finally there is the Guardian (at https://www.theguardian.com/news/2021/jul/22/israel-examine-spyware-export-rules-should-be-tightened-nso-group-pegasus) where we see ‘Israel to examine whether spyware export rules should be tightened’. Here we are treated to “An Israeli commission reviewing allegations that NSO Group’s Pegasus spyware was misused by its customers to target journalists and human rights activists will examine whether rules on Israel’s export of cyber weapons such as Pegasus should be tightened”, I can accept that view, but that also means that governments are largely to blame for this mess, if the list is real that is. There is every chance that this was a ruse to make the NSO Group less large, less of a challenge to a competitor and this is exactly what stakeholders tend to do, and using the media as their bitch is not out of the question.

My view is reinforced by “NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using its spyware, saying in multiple statements that it requires its government clients to use its powerful spying tools only for legitimate investigations into terrorism or crime”, so as Macron was never a target, the BBC articles are less than accurate and that leaves the media open to all kinds of attacks. Yes, I will admit that it is a he said she said setting (she being the media), but that also means and implies that the NSO Group is not out of the woods at present. And let’s be honest, who needs a tool like this to keep track of the Dalai Lama? The man is out there in nowhere land and when he is travelling we see 50-150 reporters surrounding him, all ways to keep track, no NSO Group required.

As we see the horse Pegasus go on a course towards the government destinations, I see less of an issue with the NSO Group and a hell of a lot more with the Stakeholders who do not have the ideas, the innovations, but they really like the money attached to it. Do you still think I am on the wrong horse track?

There is always the time will tell part, but consider that if the media has not released a dashboard of these 50,000 numbers, I believe that my case is rather clear, I would personally consider that list is nothing more than the fabrication of a stakeholder who needs the revenue that the NSO Group currently has.

1 Comment

Filed under Media, Military, Science

The devil rang

This is too good, I had just finished yesterday’s article and the Guardian gives me ‘Spyware can make your phone your enemy. Journalism is your defence’, in this that I have some troubles accepting that journalism is my defence, they are al about circulation and satisfying their shareholders and stakeholders (optionally advertisers too). But the article came at the right moment, even as this is about Pegasus and the NSO group. Whenever I look back at the title ‘Pegasus’ I think back to Pegasus mail and windows 3.1. It is a reflex, but a nice one. So, the article gives us “The Pegasus project poses urgent questions about the privatisation of the surveillance industry and the lack of safeguards for citizens”, which is nice, but Microsoft, Solarwinds and Cisco made a bigger mess and a much larger mess, so pointing at Pegasus at this point seems a little moot and pointless. (Microsoot’s Exchange anyone?)

Yes, there are questions and it is fair to ask them, so when we see “This surveillance has dramatic, and in some cases even life-threatening, consequences for the ordinary men and women whose numbers appear in the leakbecause of their work exposing the misdeeds of their rulers or defending the rights of their fellow citizens”, yes questions are good, but the fact that millions of records went to the open air via all kinds of methods (including advertiser Microsoft) is just a little too weird. And it is not up to me, it was The Hill who asked the people (5 days ago after the Kaseya hack gone public, the larger question that actually matters ‘Kaseya hack proves we need better cyber metrics’ and they are right, when we see “Once “infected”, your phone becomes your worst enemy. From within your pocket, it instantly betrays your secrets and delivers your private conversations, your personal photos, nearly everything about you” we read this and shrug, but at this point how did a third party operator (NSO group) get the data and the knowhow to make an app that allows for this? Larger question should be handed to both Google and Apple. The fact that the phones are mostly void of protection comes from these two makers. This is a setting of facilitation and a lack of cyber security. The NSO group decided to set a limited commercial application (more likely to facilitate towards the proud girls and boys of Mossad) and they took it one step further to offer it to other governments as well, is that wrong?

So when we see “All of these individuals were selected for possible surveillance by states using the same spyware tool, Pegasus, sold by the NSO Group. Our mission at Forbidden Stories is to pursue – collaboratively – the work of threatened, jailed or assassinated journalists”, if that were true, we would see a lot more articles regarding the 120 Journalists jailed in Turkey, not to mention the 60 journalists that were assassinated (read: targeted killing exercise) there as well. The papers are all about a journalist no one cares about (Jamal Khashoggi) but the other journalists do not really make the front page giving pause and skepticism to “the work of threatened, jailed or assassinated journalists”, my personal view is that the advertisers and stake holders don’t really care about those lives. Then I have issues with “This investigation began with an enormous leak of documents that Forbidden Stories and Amnesty International had access to”, was it really a leak, or did one government take view away from them (by Amnesty International) and handed it towards the NSO group? A list of 50,000 numbers is nothing to sneer at, as such, I doubt it was a leak, it was a tactical move to push the limelight away from them and push it somewhere else. As we consider Kaseya, Solarwinds, Microsoft and Cisco, the weak minded democratic intelligence players from the Unified Spies of America come to mind, but I admit that I have no evidence, it is pure speculation.

And then we see the larger danger “But the scale of this scandal could only be uncovered by journalists around the world working together. By sharing access to this data with the other media organisations in the Forbidden Stories consortium, we were able to develop additional sources, collect hundreds of documents and put together the harrowing evidence of a surveillance apparatus that has been wielded ferociously against swaths of civil society”, who did they share access to? Who reports to another faction that is not journalism or is purely greed driven? In this, the article (at https://www.theguardian.com/world/commentisfree/2021/jul/19/spyware-can-make-your-phone-your-enemy-journalism-is-your-defence) gives us one other gem, it is “not to mention more than 180 journalists from nearly two dozen countries”, as such we see 0.36% of the data is about journalists, so if I was to look at a slice and dice dashboard, how will these 50,000 people distribute? So when we see “If one reporter is threatened or killed, another can take over and ensure that the story is not silenced”, yes, how did that end up for those journo’s in Turkey? What about outliers in data like Dutch journalist Peter R. De Vries? He is not getting the limelight that much in the last three days, you all moved on? You pushed the limelight towards Jamal Khashoggi for well over a year, who achieved less than 0.01% compared to Peter R. De Vries. I reckon that this article, although extremely nice is there to cater to a specific need, a need that the article does not mention (and I can only speculate), but when we see all this holier than though mentions and we see an inaction on Turkey’s actions, as well as a lack of news regarding Peter R. De Vries, I wonder what this article was about, it wasn’t really about the NSO group and Pegasus, they are mentioned 4 and 7 times, the article was to push people towards thinking it is about one thing and it becomes about the 0.36% of journalists in a list of 50,000, all whilst the number is mentioned once in the article without a breakdown. Someone else is calling, when you answer, just make sure the local number is not 666.

Leave a comment

Filed under IT, Military, Science

Those we needlessly fear

All others pay cash! Yes, that was direct, was it not? We have seen millions of articles fly by, all given the very same announcement: ‘Fear Saudi Arabia‘, as well as ‘MBS is a monster‘. Yet, what evidence was given? What actual evidence did we get?

Turkey played its innuendo game, we can also accept that the US is playing a protective game for Saudi Arabia and that too should be highlighted, yet NO ONE has taken an academic look at those so called tapes as have given the audience the rundown, what was there, what was proven. Is there even enough evidence that Jamal Khashoggi is on the tapes? Journalists are in their own corrupt little world of satisfying the shareholders, the stake holders and the advertisers and they all want Saudi Arabia to look like they are all guilty, all to the very top. In addition we see the G20 Argentina game that France played with their ‘confrontation’, conveniently enough staged to be caught on CNN. He was not that amateur like when he had to have a few words with someone high up at Crédit Agricole, was he? Where have they got that leaked conversation?

I see it as a simple operational premise to counter the fear that they have. It gets worse, at present the vultures are circling and we get to see more fallout. News dot com dot au are giving us (at https://www.news.com.au/world/middle-east/saudi-friend-of-jamal-khashoggi-sues-israeli-surveillance-firm/news-story/b0bf9d501332df9ad31bede7de904b6c) ‘Saudi friend of Jamal Khashoggi sues Israeli surveillance firm‘ gives us ‘A Saudi dissident‘, as well as ‘Omar Abdulaziz, said he was friends with Khashoggi‘. Now people make all kinds of claims, I can make the claim that I am the lover of Scarlett Johansson; she just does not know it yet. Anyone in the media can contact frukan Johansson and verify that fact (or prove it to be wrong), we can’t in the case of Khashoggi, can we? Was there corroborating evidence that they were actual friends? If so, why was that not added? The news site makes no real effort to substantiate that friendship and that is not what this is about. You see, it is the claim ‘a lawsuit against an Israeli surveillance company, claiming its sophisticated spyware targeted him and helped lead to the killing of his friend‘. We have two problems here. In the first, is there any evidence to back that up? In the second, Jamal Khashoggi was an unknown person to 93% of the planet, yet he was a journalist for the Washington Post, and as such he was a lot more visible than most others. Also, the entire filing matter in Istanbul gave rise that plenty of people knew where he was, so the spyware seems redundant. If there was quality spyware in place he could have been killed anywhere and leave the optional involvement of Saudi Arabia almost completely out of it. Does that not make sense?

The last paragraph is the killer here: “citing news reports and other sources claiming that NSO Group sold Saudi Arabia the technology in 2017 for $US55 million ($A75 million)“. The first thing here is to look at those news reports; I wonder how much innuendo is in there. Then we get the stage that technology worth $55 million was bought when JK was very much alone, giving rise to the reason of purchase, last by not least is the investigation on the NSO group and their software and that is what I believe was the foundation, it does not matter where and how the NSO group software was used. I believe that Omar Abdulaziz got wind of a 2016 article not unlike those on Vice (at https://motherboard.vice.com/en_us/article/3da5qj/government-hackers-iphone-hacking-jailbreak-nso-group), and saw ‘Government Hackers Caught Using Unprecedented iPhone Spy Tool‘. so when we see (or saw) “Ahmed Mansoor, a 46-year-old human rights activist from the United Arab Emirates, received a strange text message from a number he did not recognize on his iPhone“, the brain of Omar Abdulaziz  optionally went ‘ka-chink‘ and his pupils turned to dollar signs, It was optionally his opportunity of a lifetime.

So who is right?

I am telling you right now that all I am writing from my opposition is pure speculation, yet is it less of more believable? Is the NSO group real? Yes they are and they have something that every nation on the planet with a decent technology level requires. Any government have people they want to keep tabs on, and that is what this solution optionally provides for. It is not a killing tool, and at $55 million it is not some tool you use for simply ending someone’s life, there are more convenient and more elegant ways to facilitate to punch out someone time clock of life. When you stage a $55 million solution when $50K in an account does it, that solution does not make sense.

Still, we cannot ignore the NSO group software and it might have been used to keep tabs on JK, that is optionally a reality we face, yet we all face that optional for a number of reasons and there we have the crux, knowing where a person is does not mean that their life has to be ended, the fact that we have tools, does not imply that we have to use other tools. The audience factor is trying to give us that idea, an emotional driven premise of events to set the stage of intentional international execution. There has been, and unlikely will be any evidence showing that. Not by some eager frog (an unnamed France governmental executive) stating to Saudi Crown Prince Mohammed bin Salman ‘I am really worried!‘ worried about what? Conversations eagerly and ‘unintentionally’ leaked right in full view of the CNN camera, are people truly stupid enough to go for that bait?

Then we get claims in papers like the Sydney Morning Herald trying to up their game, yet at present I am not certain if the Saudi government would lose if a defamation case was brought to court and that is me merely contemplating two of the JK articles that I have read in the last two days.

In addition, the article has the claim ‘and helped lead to the killing of his friend‘, which is actually very clever as in this way stated we have a problem, or do we? Is there any evidence that the solution was or was not used? If there is a way to check the usage of that software then Omar Abdulaziz opened an interesting door. You see at that point, under the US freedom of information act, close to two dozen claims can be made regarding the NSA (the San Antonio location) on how they have been keeping tabs on people. In the January case of Sherretta Shaunte Washington, her attorney might optionally (with properly applied intelligence) be able to overturn any given sentence against her. There has been the rumour that the NSA assisted in keeping tabs on a dozen burner phones. You see, it is not the sim card; it is the mobile imei number on EVERY phone that is the issue. The NSO group seemingly figured out the algorithm to take this to the races and that advantage is worth well over $55 million. That is exactly why the Mexicans wanted the solution too. Most Mexicans are still believing that without the sim it is nothing, yet one call gave away the imei number and that number is a lot more useful than most consider.

And in the end it is Forbes who gives us the missing diamond going all the way back to August 2016. Here we are treated to: “looking at the domains registered by NSO, they determined Pegasus could have been used across Turkey, Israel, Thailand, Qatar, Kenya, Uzbekistan, Mozambique, Morocco, Yemen, Hungary, Saudi Arabia, Nigeria, and Bahrain, though there was no clear evidence“, in all this the one logical step, the one thought that no one has been willing to voice for a number of reasons. Turkey is on that list. So what if this was Turkey all along from beginning to end? Turkey, who had the solution to keep tabs on thousands of journalists, reporters and bloggers, and jailing hundreds of journalists, do you actually think that they are beyond killing a journalist? I mentioned a few yesterday, so you there is evidence all over the field and so far no actual and factual evidence has been given on any involvement of the Saudi Royal family, yet everyone is playing that card as often as possible.

I am not in denial, I am not stating that they are innocent, I am merely looking and hoping to see real evidence, and so far the absence of that investigation has been astounding. There is enough evidence on the involvement of Saudi’s in all this, yet the proper vetting of Turkish evidence by the media has seemingly been lacking. The press (and the media as a whole) merely pushed that same button again and again and it makes me wonder on the premise in which other ways we are (seemingly) being deceived. That is the clear consequence of orchestration, it makes us all doubt all the other evidence, and in light of the USA playing their silver briefcase WMD game in regards to Iraq, that has made us distrust a lot of other evidence, evidence that might have been valid, but we are in a stage where we no longer trust the messengers in all that and as the media and newspapers lose more and more credibility, we have started to treat most news as fake news.

That is the price of orchestration and the players remain in denial that it is happening. That is the part we see form a source called Foreign Policy dot com. The article (at https://foreignpolicy.com/2018/12/03/how-an-internet-impostor-exposed-the-underbelly-of-the-czech-media/), gives us: ‘How an Internet Impostor Exposed the Underbelly of the Czech Media. When politicians own the press, trolls have the last laugh‘, the article by Tim Gosling gives us: “Czech Prime Minister Andrej Babis—and expose just how easily disinformation can slip into the mainstream press, especially when politicians control it.” It is a mere introduction to: “In September, the Czech broadsheet Lidove Noviny published an op-ed by Horakova expressing support for Babis’s refusal to offer asylum to 50 Syrian orphans, as was proposed by an opposition member of parliament. Playing up to his populist pledge not to allow “a single refugee” into the Czech Republic, the prime minister said the country had its own orphans to care for“. It merely gives us parts to ponder, the amount of pondering increases with: “In tapes released by unknown sources onto the internet last year, for instance, he was heard discussing stories damaging to his political rivals with a reporter from Mlada fronta Dnes, which alongside Lidove Noviny is controlled by Agrofert—the agrochemicals conglomerate that is the centerpiece of Babis’s business empire.

I have written again and again against the media facilitation for the shareholders, the stakeholders and the advertisers, here we see the impact when the media and the shareholder are one and the same. That article from a freelance reporter who seemingly contributed to Foreign Policy, The Telegraph, Politico Europe, Deutsche Welle, World Politics et al. He shows that there is a much larger issue and that the difference between those bringing the news and fake news bringers is almost indistinguishable. We might give passage to the LA Times, the Washington Post, New York Times, the Times, the Guardian and several others, yet after that the mess becomes no longer trusted, mostly because the source is too unknown to us. The media did this to themselves through facilitation and until that changes fake news will have too many options to gain traction with the people influencing a populist political nation on a near global scale.

It is one of the reasons why I refuse to merely accept the view of people blaming Saudi Crown Prince Mohammed bin Salman for it all. There are too many intelligence gaps, too many parts of merely insinuated conjecture whilst the intelligence was not properly vetted and it happened for the most in Turkey (the consulate is Saudi ground). We might never ever get the answer of what truly happened, and to a very large extent it is because of the games that the media played from the very beginning. A game staged in innuendo, unnamed sources and people talking on the promise of anonymity. It is not the fact that these elements exist, it is because to a much larger extent too many of them were used at the same time, pressing the same directional button, most of it not scrutinised to the degree that was essential, and when contra dictionary evidence was found, those issues were ignored by the largest extent by all the media, that too is the foundation of fake news, we merely chose to ignore it, it is our emotional side and that is the bigger issue. People are no longer adhering to innocent until guilty, the media has become a ‘guilty until proven innocent machine‘ and that drives the populist agenda more than anything else, so I oppose them all by stating: ‘The Saudi government is one we needlessly fear, until we have conclusive evidence of their action that is the only way we should be‘. We have become puppets in a world where tyrants (Robert Mugabe), alleged mass murderers (Slobodan Milošević), criminals (shooters who were granted indemnity from prosecution) and paedophiles (Catholic clergy) get more consideration than any Muslim ever had, how sad has our world become?

 

Leave a comment

Filed under Law, Media, Military, Politics