black_puppydog

Wow, so much discussion of Apple and their software, and so little of NSO group and why they're even a thing.

I just want to add this: these people operate pretty much in the open. They're not ashamed of it either, or else they wouldn't put it on their CV:

https://www.linkedin.com/company/nso-group/people/

That right there tells me that we as "the tech community" are way too okay with this sort of application of the tech. The tech we're all so convinced will "make the world a better place." /s

caisah

There is a nice PBS documentary about Pegasus's NSO https://www.pbs.org/wgbh/frontline/documentary/global-spywar....

It looks like NSO is backed up by the Israeli government. They say their software is only sold to governments which were previously vetted, but the reality is that most of the time they sell to authoritarian states which monitor and persecute people opposing the regime.

fweimer

The way this works is that in addition to the more colorful clients, you absolutely need to make sure that you have a sufficient number of clients among law enforcement and security services in countries with a decent(-ish) track record regarding human rights. This way, your products and services are not obviously illegal. You can even tell your employees that your products and services are saving lives because it's actually true.

This strategy mostly works because the major operating system suppliers refuse to implement requested lawful intercept solutions for their consumer products. Instead, we end up with companies that try to fill the gaps, making a business of exploiting security flaws. It's possible for the OS vendors to completely dry this swamp, by offering competing services to law enforcement using the interfaces they already have (automated software updates, for example). The reputable clients would migrate rather quickly. These companies would be left with just the shady clients, making it much more difficult to justify their continued existence.

kmeisthax

The OS vendors refuse to implement lawful intercept capability because there is no such thing as a lawful intercept capability. There is only intercept capability for any purpose because ROM bootloaders and secure enclaves cannot vet the lawfulness of a request to subvert their owners. You can make a phone relatively secure against people trying to break into it, but only if it has unique access keys for the owner. If you give any government a second key for intercept capabilities, that key will be a single point of failure for the entire system. Eventually it will leak and your phone password will be effectively useless.

I don't even need to invent a scenario for this: you can buy the TSA master keys off Amazon right now. The only reason why it's not a huge problem is that TSA locks are a special thing you buy and use solely for airline luggage that is already in TSA custody anyway. If you use TSA locks on anything else, however, you're just asking for it to be stolen because the locks don't actually provide any security.

The shady clients will get their hands on any intercept key provided by law enforcement, because it's legally unreasonable for Apple or Google to only provide intercept capability to some of the countries they operate in. e.g. if you give the US and UK a decryption key you also have to give it to Saudi Arabia[0]. Hell, in some countries the shady and legit clients are part of the same government - e.g. you can't give the key to just the FBI but not the NSA or CIA.

[0] The Saudis have one very big lever they can use to force the west to do what it wants: gas prices.

easterncalculus
You can also 3D print the TSA master keys - here's the link https://github.com/Xyl2k/TSA-Travel-Sentry-master-keys