Sunday, July 18, 2021

Last Call For Keeping An Eye On You

The real blowback from Ed Snowden giving the keys to the NSA to the entire world in order to "make information free" is that the tools the NSA uses to conduct surveillance are now freely in the hands of private companies using versions of the technology to sell to the highest bidder, and world governments and the powerful people running them are happily contracting these companies to spy on whomever they want to in order to hurt the US. The most recent example of this is Israeli firm NSO Group, who apparently have been spying on western journalists' smartphones for a significant amount of time.

Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.

The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.

The list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance, in some cases as brief as a few seconds.

Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a human rights group, had access to the list and shared it with the news organizations, which did further research and analysis. Amnesty’s Security Lab did the forensic analyses on the smartphones.

The numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and prime ministers also appeared on the list.

Among the journalists whose numbers appear on the list, which dates to 2016, are reporters working overseas for several leading news organizations, including a small number from CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar.


The targeting of the 37 smartphones would appear to conflict with the stated purpose of NSO’s licensing of the Pegasus spyware, which the company says is intended only for use in surveilling terrorists and major criminals. The evidence extracted from these smartphones, revealed here for the first time, calls into question pledges by the Israeli company to police its clients for human rights abuses.


The media consortium analyzed the list through interviews and forensic analysis of the phones, and by comparing details with previously reported information about NSO. Amnesty’s Security Lab examined 67 smartphones where attacks were suspected. Of those, 23 were successfully infected and 14 showed signs of attempted penetration.

For the remaining 30, the tests were inconclusive, in several cases because the phones had been replaced. Fifteen of the phones were Android devices, none of which showed evidence of successful infection. However, unlike iPhones, Androids do not log the kinds of information required for Amnesty’s detective work. Three Android phones showed signs of targeting, such as Pegasus-linked SMS messages.

Amnesty shared backup copies of data on four iPhones with Citizen Lab, which confirmed that they showed signs of Pegasus infection. Citizen Lab, a research group at the University of Toronto that specializes in studying Pegasus, also conducted a peer review of Amnesty’s forensic methods and found them to be sound.

In lengthy responses, NSO called the investigation’s findings exaggerated and baseless. It also said it does not operate the spyware licensed to its clients and “has no insight” into their specific intelligence activities.

NSO describes its customers as 60 intelligence, military and law enforcement agencies in 40 countries, although it will not confirm the identities of any of them, citing client confidentiality obligations. The consortium found many of the phone numbers in at least 10 country clusters, which were subjected to deeper analysis: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates. Citizen Lab also has found evidence that all 10 have been clients of NSO, according to Bill Marczak, a senior research fellow.

Forbidden Stories organized the media consortium’s investigation, titled the Pegasus Project, and Amnesty provided analysis and technical support but had no editorial input. Amnesty has openly criticized NSO’s spyware business and supported an unsuccessful lawsuit against the company in an Israeli court seeking to have its export license revoked. After the investigation began, several reporters in the consortium learned that they or their family members had been successfully attacked with Pegasus spyware.

Beyond the personal intrusions made possible by smartphone surveillance, the widespread use of spyware has emerged as a leading threat to democracies worldwide, critics say. Journalists under surveillance cannot safely gather sensitive news without endangering themselves and their sources. Opposition politicians cannot plot their campaign strategies without those in power anticipating their moves. Human rights workers cannot work with vulnerable people — some of whom are victims of their own governments — without exposing them to renewed abuse.

For example, Amnesty’s forensics found evidence that Pegasus was targeted at the two women closest to Saudi columnist Khashoggi, who wrote for The Post’s Opinions section. The phone of his fiancee, Hatice Cengiz, was successfully infected during the days after his murder in Turkey on Oct. 2, 2018, according to a forensic analysis by Amnesty’s Security Lab. Also on the list were the numbers of two Turkish officials involved in investigating his dismemberment by a Saudi hit team. Khashoggi also had a wife, Hanan Elatr, whose phone was targeted by someone using Pegasus in the months before his killing. Amnesty was unable to determine whether the hack was successful.

“This is nasty software — like eloquently nasty,” said Timothy Summers, a former cybersecurity engineer at a U.S. intelligence agency and now director of IT at Arizona State University. With it “one could spy on almost the entire world population. … There’s not anything wrong with building technologies that allows you to collect data; it’s necessary sometimes. But humanity is not in a place where we can have that much power just accessible to anybody.”

 

Which was of course the point to the entire Snowden operation, and the successful hacks that followed. Who counts as a "major criminal" or "terrorist" depends entirely on perspective, you see. Of course it was going to be abused once the genie was unleashed from the bottle. Information warfare is the battlefield of this century, and we're in the scenario where the cyberwar equivalent of the Manhattan Project was leaked to everyone with ears to listen.

So yes, the rise of the private information security company is real, and it's really awful. It was inevitable, to be sure, but it's one of Putin's crowning achievements in the field.

Now, we have to live with it.

Sunday Long Read: Blacking Out Social Media

Today's Sunday Long Read comes to us from Wired's Jason Parnham, who gives us the oral, written, and tweeted history of Black Twitter, Part I, the early years, 2008-2012, with the people who were there.

NEAR THE END of 2009, during the twilight months of a decade that saw the first Black man elected to the US presidency, Ashley Weatherspoon was chasing virality on a young app called Twitter. As the personal assistant for the singer Adrienne Bailon, a former member of the pop groups 3LW and the Cheetah Girls, Weatherspoon often worked on social media strategy. For weeks, she and Bailon had been testing out hashtags on both their feeds to see what would connect with fans. A mild success came with variations on #UKnowUrBoyfriendsCheatingWhen. Later, on a car ride around Manhattan, they began playing with #UKnowUrFromNewYorkWhen. “We started going ham on it,” Weatherspoon told me when we spoke over the phone in June. As the two women were laughing and joking, an even better idea popped into Weatherspoon’s head. “Then I said, oh, ‘You know you’re Black when …’”

It was the first Sunday in September, at exactly 4:25 pm, when Weatherspoon logged on to Twitter and wrote, “#uknowurblackwhen u cancel plans when its raining.” The hashtag spread like wildfire. Within two hours, 1.2 percent of all Twitter correspondence revolved around Weatherspoon’s hashtag, as Black users riffed on everything from car rims to tall tees. It was the viral hit she was after—and confirmation of a rich fabric being threaded together across the platform. Here, in all its melanated glory, was Black Twitter.

More than a decade later, Black Twitter has become the most dynamic subset not only of Twitter but of the wider social internet.
Capable of creating, shaping, and remixing popular culture at light speed, it remains the incubator of nearly every meme (Crying Jordan, This you?), hashtag (#IfTheyGunnedMeDown, #OscarsSoWhite, #YouOKSis), and social justice cause (Me Too, Black Lives Matter) worth knowing about. It is both news and analysis, call and response, judge and jury—a comedy showcase, therapy session, and family cookout all in one. Black Twitter is a multiverse, simultaneously an archive and an all-seeing lens into the future. As Weatherspoon puts it: “Our experience is universal. Our experience is big. Our experience is relevant.”

Though Twitter launched exactly 15 years ago today, with the goal of changing how—and how quickly—people communicate online, the ingenious use of the platform by Black users can be traced, in a way, much further back in time. In 1970, when the computer revolution was in its infancy, Amiri Baraka, the founder of the Black Arts Movement, published an essay called “Technology & Ethos.” “How do you communicate with the great masses of Black people?” he asked. “What is our spirit, what will it project? What machines will it produce? What will they achieve?”

For Black users today, Twitter is Baraka’s prophetic machine: voice and community, power and empowerment. To use his words, it has become a space “to imagine—to think—to construct—to energize!!!” What follows is the first official chronicling of how it all came fantastically together. Like all histories, it is incomplete. But it is a beginning. An outline. Think of it as a kind of record of Blackness—how it moves and thrives online, how it creates, how it communes—told through the eyes of those who lived it.

Afrofuturism has always been part of the Black experience. Imagining a better world, and how we get there as a society, and what that society has to do? Black folk have been making that journey inside our heads and through oral history and song and on paper and now online for a very, very long time. Carving out our own niche and making it ours, defending it, leveraging it, and guiding it as a shared reality across vast distances, there is nothing more quintessential to our culture in America. We used it to define the events in our recent history on our own terms, and the world paid attention.

What follows is a fascinating discussion among multiple Black voices involving Twitter's biggest events in the late 2000's and early 2010's, one worth chronicling, and more of this series will be coming in the weeks ahead.