I recently learned of this group through the Dark Net Diaries podcast. The host does a pretty good job of covering the NSO group in episode 99 and 100.
I heavily recommend reading “This is How They Tell Me The World Ends” written by one of the guests he had in episode 98, Nicole Perlroth (which also touched a little on the NSO in that episode). She’s The NY Times cybersecurity reporter. A lot of the book focused on the NSO, among others.
The noteworthy angle/point the podcast covers is that NSO is very likely indirectly trying to dig dirt on citizenlab people (same people the post above is from) as they regularly discover their exploits and cost them money. As Jack talks about at the end, this puts NSO group into a whole other category if the above is indeed true.
That's exactly what it is. These companies buy, research and stockpile exploits, and keep a few always at ready for when the currently deployed ones get burned. All exploits have a shelf life, and the more widely one is used, the more likely it is to get caught.
Because let's not forget: NSO and their ilk are not in the business of developing exploits. That's just their raw material. They are in the business of selling weapons-grade espionage and surveillance capabilities.
This episode just came out last week, and this is the second time NSO has made news since it aired (along with Germany being a confirmed client.) Surprisingly apropos, but I imagine Jack's disappointed the big news makes it just after his episode's release on the subject.
Someone remind me why Germany needs to be installing Israeli spyware onto citizens phones? We know this software's only purpose is to track down wrongthink and then murder dissidents.
Massive blow to the integrity of European telecoms.
Can you stop posting this bait in every single thread about the NSO? It's really annoying that you repeatedly drag people into shallow semantic arguments for dumb (nationalistic?) reasons: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
Frankly, that is rich coming from you considering that you do this often enough that I have several of these specifically directed at you: https://news.ycombinator.com/item?id=25492587. Posting flamebait and then editing it to make the people who respond to you look stupid is against the guidelines. Posting "corrections" or "gotchas" every time a topic comes up is not striving for accuracy, it's being purposefully misleading to violate the guidelines. I am sick of you pretending each time that you aren't seeing the many people who tell you you're wrong or that you should stop. Until now I had held out hope that you were going to stop at some point, especially considering your productive contributions elsewhere, but I think I've given up now.
"The Guardian reported this year that hundreds of thousands of euros of Yana Peel’s legal bills were expensed to the NSO Group by her husband – another move that apparently angered his partners.
Stephen Peel’s lawyers said at that time that the “manner” in which the legal fees were paid had been approved by Kowski and Lueken, and he strongly disputed the suggestion that the payment of the expense claims was a source of disagreement between the partners.
Peel, Lueken and Kowski are all now involved in a legal dispute over the future ownership of the firm they created."
If you're interested in infosec/appsec, DND is a great place to get started. The host packages up stories in a well put-together way, has no qualms about breaking to explain a concept or term, and does it all within an hour.
https://darknetdiaries.com/episode/