Posts Tagged ‘NSO Group’

Novalpina urged to come clean about targeting human rights defenders

February 19, 2019

In an open letter released today, 18 February 2019, Amnesty International, Human Rights Watch and five other NGOs urged Novalpina to publicly commit to accountability for NSO Group’s past spyware abuses, including the targeting of an Amnesty International employee and the alleged targeting of Jamal Khashoggi. [see also: https://humanrightsdefenders.blog/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/]

Danna Ingleton, Deputy Director of Amnesty Tech, said: “Novalpina’s executives have serious questions to answer about their involvement with a company which has become the go-to surveillance tool for abusive governments. This sale comes in the wake of reports that NSO paid private operatives to physically intimidate individuals trying to investigate its role in attacks on human rights defenders – further proof that NSO is an extremely dangerous entity.

We are calling on Novalpina to confirm an immediate end to the sale or further maintenance of NSO products to governments which have been accused of using surveillance to violate human rights. It must also be completely transparent about its plans to prevent further abuses.

This could be an opportunity to finally hold NSO Group to account. Novalpina must commit to fully engaging with investigations into past abuses of NSO’s spyware, and ensure that neither NSO Group nor its previous owners, Francisco Partners, are let off the hook.”

The signatories to the letter are:

  • Amnesty International
  • R3D: Red en Defensa de los Derechos Digitales
  • Privacy International
  • Access Now
  • Human Rights Watch
  • Reporters Without Borders
  • Robert L. Bernstein Institute for Human Rights, NYU School of Law and Global Justice Clinic, NYU School of Law

https://www.amnesty.org/en/latest/news/2019/02/spyware-firm-buyout-reaffirms-urgent-need-for-justice-for-targeted-activists/

https://www.amnesty.org/en/latest/research/2019/02/open-letter-to-novalpina-capital-nso-group-and-francisco-partners/

Apple tackles iPhone one-tap spyware flaws after MEA Laureate discovers hacking attempt

August 29, 2016

Ahmed Mansoor, the Laureate of the Martin Ennals Award 2015, was the target of a major hacking attempt. Fortunately it received global coverage on 26 and 27 August 2016 and Apple has immediately issued a security update to address the vulnerabilities. [For those with Iphones/Ipads, you may want to update your IOS software to 9.3.5!]


Ahmed MansoorImage copyrightAP – human rights defender Ahmed Mansoor

The flaws in Apple’s iOS operating system were discovered by Mansoor who alerted security researchers to unsolicited text messages he had received on 10 and 11 August. They discovered three previously unknown flaws within Apple’s code that meant spyware could be installed with a single tap. Apple has since released a software update that addresses the problem. The two security firms involved, Citizen Lab and Lookout, said they had held back details of the discovery until the fix had been issued.

The texts promised to reveal “secrets” about people allegedly being tortured in the United Arab Emirates (UAE)’s jails if he tapped the links. Had he done so, Citizen Lab says, his iPhone 6 would have been “jailbroken”, meaning unauthorised software could have been installed. “Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” said Citizen Lab. The researchers say they believe the spyware involved was created by NSO Group, an Israeli “cyber-war” company.

Text message
The spyware would have been installed if Mansoor had tapped on the links. Image copyright CITIZENLAB

For more on Mansoor: https://thoolen.wordpress.com/tag/ahmed-mansoor/

Sources:

http://www.bbc.com/news/technology-37185544

https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/  (from the researchers who identified the vulnerabilities. Good summary followed by full technical analysis)

http://www.dailymail.co.uk/sciencetech/article-3758671/Apple-boosts-iPhone-security-Mideast-spyware-discovery.html