Connect with us

Technology

Pegasus Project claims NSO spyware targeted journalists and activists

Voice Of EU

Published

on

Spyware from the Israeli firm was used to violate human rights, according to an investigation involving Amnesty and 17 media organisations.

Amnesty International published a technical report yesterday (18 July) regarding the methodology of The Pegasus Project, in what it states will be one of the first of many reports regarding the “weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent”.

The Pegasus Project is an international collaboration investigating the claimed use of spyware developed by Israeli company NSO Group against journalists, activists and government officials.

There are more than 80 journalists from 17 media organisations in 10 countries involved in the investigation. The group is led by Paris-based media non-profit Forbidden Stories with technical support provided by Amnesty International.

The non-profit stated the investigation began with a leak of documents that Forbidden Stories and Amnesty International had access to.

In this list of more than 50,000 selected targets by clients of NSO Group, they found the names of some colleagues and journalists that had worked on past collaborative investigations. This led them to share access to the data with the other media organisations in the Forbidden Stories consortium.

“Clearly, [NSO’s] actions pose larger questions about the wholesale lack of regulation that has created a wild west of rampant abusive targeting of activists and journalists,” said Agnès Callamard, secretary general of Amnesty International.

“Until this company and the industry as a whole can show it is capable of respecting human rights, there must be an immediate moratorium on the export, sale, transfer and use of surveillance technology.”

The NSO Group is a technology and surveillance company that “develops technology to prevent and investigate terror and crime”. It claims its products are used exclusively by government intelligence and law enforcement agencies.

NSO said the Pegasus report is full of false accusations, wrong assumptions and uncorroborated theories.

“Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims,” said the issued response.

“In fact, these allegations are so outrageous and far from reality, that NSO is considering a defamation lawsuit.”

Amnesty International provided the technical support for the project through forensic investigations on mobile phones to identify traces of the NSO spyware.

It said that at the centre of this investigation is the NSO Group’s Pegasus spyware which, when installed on a victim’s phone, “allows an attacker complete access to the device’s messages, emails, media, microphone, camera, calls and contacts”.

Amnesty published its methodology at-length, alongside open-source mobile forensics tools and detailed technical indicators, “in order to assist information security researchers and civil society with detecting and responding to these serious threats”.

The report documents the evolution of Pegasus spyware attacks since 2018, with details on the spyware’s infrastructure, including more than 700 Pegasus-related domains.

Support Silicon Republic

“These revelations blow apart any claims by NSO that such attacks are rare and down to rogue use of their technology. While the company claims its spyware is only used for legitimate criminal and terror investigations, it’s clear its technology facilitates systemic abuse,” said Callamard.

One example of their investigation included an analysis of the phone of Moroccan activist Maati Monjib, who was one of the activists targeted as documented in Amnesty International’s 2019 report.

It detailed that on further analysis, suspicious redirects were noted in Monjib’s Safari browsing history. In one case there was a redirect to an odd-looking URL after Monjib attempted to visit Yahoo.

“We detail how we determined these redirections to be the result of network injection attacks performed either through tactical devices, such as rogue cell towers, or through dedicated equipment placed at the mobile operator,” stated the report.

The project identified at least 180 journalists in 20 countries to be the focus of political targeting by the NSO spyware, including at least 40 journalists from nearly every major media outlet in India.

Forensic tests stated the phones of Siddharth Varadarajan and MK Venu, co-founders of independent online outlet The Wire, were infected with Pegasus spyware as recently as June 2021.

“This should be a wake-up call for governments to step up and hold spyware developers like the NSO Group accountable for their role in stoking the flames and profiting off human rights abuses,” said Attila Tomaschek, a digital privacy expert at the company ProPrivacy.

“The private spyware industry is only going to continue to grow, and its influence will intensify if this space remains as alarmingly unregulated as it is today. Tech companies need to ensure their products are safe to use in the face of increasingly sophisticated spyware that has the potential to be abused in such a widespread and frightening manner.”

Data use in targeting terrorism has come under fire before, such as the campaign ‘Reclaim Your Face’ launched by a European Citizens’ Initiative. This group challenged plans for public biometric surveillance included in the Security Union package presented by the European Commission in December 2020.

Amnesty stated that over the next week, media partners of The Pegasus Project including The Guardian, Le Monde, Süddeutsche Zeitung and The Washington Post will run a series of stories showing the details of their NSO investigation.

“The widespread violations Pegasus facilitates must stop. Our hope is the damning evidence published over the next week will lead governments to overhaul a surveillance industry that is out of control,” said Etienne Maynier, a technologist at Amnesty International’s security lab.

Callamard stated: “As a first step, NSO Group must immediately shut down clients’ systems where there is credible evidence of misuse. The Pegasus Project provides this in abundance.”

In a response to The Guardian, the Indian government said: “The questionnaire sent to the government of India indicates that the story being crafted is one that is not only bereft of facts but also founded in pre-conceived conclusions.

“It seems you are trying to play the role of an investigator, prosecutor as well as jury.”

The project also linked the NSO spyware to family members of Saudi journalist Jamal Khashoggi, who was murdered in Istanbul on 2 October 2018.

The NSO Group responded to the Pegasus Project allegations saying that its “technology was not associated in any way with the heinous murder of Jamal Khashoggi” and that it had previously investigated this claim and found it lacked substance.

Source link

Technology

Facebook oversight board to review system that exempts elite users | Facebook

Voice Of EU

Published

on

Facebook’s semi-independent oversight board says it will review the company’s “XCheck” system, an internal program that has exempted high-profile users from some or all of its rules.

The decision follows an investigation by the Wall Street Journal that revealed that reviews of posts by well-known users such as celebrities, politicians and journalists are steered into the separate system.

Under the program, some users are “whitelisted”, or not subject to enforcement action, while others are allowed to post material that violates Facebook rules pending content reviews that often do not take place. The Xcheck system, for example, allowed Brazilian footballer Neymar to post nude pictures of a woman who had accused him of rape, according to the report.

Users were identified for additional scrutiny based on criteria such as being “newsworthy”, “influential or popular” or “PR risky”, the Wall Street Journal found. By 2020 there were 5.8 million users on the XCheck list, according to the newspaper.

The oversight board said Tuesday that it expects to have a briefing with Facebook on the system and “will be reporting what we hear from this” as part of a report it will publish in October.

The board may also make other recommendations, although Facebook is not bound to follow these.

The Journal’s report, the board said, has drawn “renewed attention to the seemingly inconsistent way that the company makes decisions, and why greater transparency and independent oversight of Facebook matters so much for users”.

Facebook told the Journal in response to its investigation that the system “was designed for an important reason: to create an additional step so we can accurately enforce policies on content that could require more understanding”. The company added that criticism of it was “fair” and that it was working to fix it.

A representative for Facebook declined to comment to the Associated Press on the oversight board’s decision.

Source link

Continue Reading

Technology

Philippines imposes 12 per cent digital services tax • The Register

Voice Of EU

Published

on

The Philippines has become the latest nation to impose a digital services tax.

Such taxes require the likes of Netflix and Spotify to pay local sales taxes even though their services are delivered – legally, notionally, and physically – from beyond local jurisdiction.

The Philippines has chosen a rate of 12 per cent, mirroring local value added taxes.

“We have now clarified that digital services and the goods and services traded through digital service providers should generally be subject to VAT. This is just a matter of common tax sense,” said Joey Salceda, a member of the Philippines’ House of Representatives and a backer of the change to the nation’s tax code.

Salceda tied the change to post-pandemic economic recovery.

“If brick and mortar establishments, which are the hardest-hit by the pandemic, have to pay VAT, the giants of e-commerce shouldn’t be exempt,” he said.

However, local companies that are already exempt from VAT by virtue of low turnover won’t be caught by the extension of the tax into the virtual realm.

Salceda’s amendments are designed to catch content streamers, but also online software sales – including mobile apps – plus SaaS and hosted software. The Philippines’ News Agency’s report on the amendment’s passage into law even mentions firewalls as subject to VAT.

The Philippines is not alone in introducing a digital services tax to raise more revenue after the COVID-19 pandemic hurt government revenue – Indonesia used the same logic in 2020 .

But the taxes are controversial because they are seen as a unilateral response to the wider issue of multinational companies picking the jurisdictions in which they’ll pay tax – a practice that erodes national tax bases. The G7 group of nations, and the OECD, think that collaborations that shift tax liabilities to nations where goods and services are acquired and consumed are the most appropriate response, and that harmonising global tax laws to make big tech pay up wherever they do business is a better plan than digital services taxes.

The USA has backed that view of digital services taxes, by announcing it will impose tariffson nations that introduce them – but is yet to enact that plan.

Meanwhile, the process of creating a global approach to multinational tax shenanigans is taking years to agree and implement.

But The Philippines wants more cash in its coffers – and to demonstrate that local businesses aren’t being disadvantaged – ASAP. ®

Source link

Continue Reading

Technology

How to ask your boss for more flexible working

Voice Of EU

Published

on

While returning to the office is now possible for many, some workers might still want the option of flexible working some of the time. Here’s how to broach the subject.

This week marked the beginning of a phased and staggered return to workplaces for many employees in Ireland.

It essentially marked the first official green light for employers to ready their offices and start putting plans in place for their staff’s return.

Click here to check out the top sci-tech employers hiring right now.

However, HR body CIPD Ireland urged employers to be mindful of anxious workers as they face “another round of upheaval” with the return to offices.

So, while employers are finalising plans about how, where and when their teams will work, some employees may be wondering how to go about expressing their preference, worried that it’s not in line with what the company wants.

While there have been plenty of discussions and remote work advocates calling for leaders to be more flexible and recognise that the future of work will be hybrid, the reality for individual employees can feel very different.

While big-picture debates around the right to request remote work are happening, how do you ask for what you want in the here and now, when your boss is determined to have a full return to the office?

Explain your reasons

If remote or flexible working isn’t something your boss is already willing to give you, then you must treat it like a pay rise request.

Explain clearly and concisely the reasons why you want more flexibility, how it will benefit you and make you a more engaged, happier worker.

While family commitments might be an important factor, so too is work-life balance and getting rid of long commutes. And, while there is light at the end of the pandemic tunnel, Covid-19 is still a very real concern, so don’t be afraid to express your reservations about this too.

Make a business case

When you ask for a pay increase, you provide proof of the value you have added to the company. Take the same approach here and explain to your boss how flexible working will actually be beneficial to them.

Some managers who resist remote working might still have an office-based mentality where presenteeism is key. But there are numerous studies that show that knowledge workers are more productive when working remotely.

And, when done as a purposeful business strategy, remote working can help teams prioritise work more clearly as well as allowing for more downtime and work-life balance.

Be realistic

Depending on your manager, your team and the work you do, it may not be feasible to ask to work from home five days a week.

It’s important that you are realistic about asking for what you want and also realistic about what you can deliver in return. Remote workers can be more productive but they can also be in danger of burning out so be thoughtful about what strategy will work best for both you and your manager.

Listen to their perspective

While conversations around remote working appear to be mostly positive, it can be a different situation behind the office doors.

Many managers and leaders are still hesitant about moving to a fully flexible working strategy and this can lead to workers feeling like they are not being listened to.

However, one of the best ways to combat that hesitancy from managers is to listen to their concerns and address them in a problem-solving manner.

Being able to alleviate some of your manager’s worries might make them more amenable to allowing for more flexibility.

Make expectations clear

If you do convince your boss to allow for a more flexible working plan than what they had originally considered, it’s important that both sides understand what is expected.

Without clearly defining the outcomes of the new set-up, misunderstandings can lead to disappointments and feelings of mistrust in the idea of flexible working.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!