UK Government Officials Infected with Pegasus(citizenlab.ca)
citizenlab.ca
UK Government Officials Infected with Pegasus
https://citizenlab.ca/2022/04/uk-government-officials-targeted-pegasus/
377 comments
The current home secretary, Priti Patel, was forced to resign from her previous (lesser) role as Minister for International Development for secretly (and thus illegally) meeting with Israeli diplomats.
https://www.bbc.co.uk/news/uk-politics-41923007
It is completely unsurprising that there is little care shown by our government.
https://www.bbc.co.uk/news/uk-politics-41923007
It is completely unsurprising that there is little care shown by our government.
Israel was also behind many of the efforts to smear the former opposition leader Jeremy Corbyn - https://www.middleeasteye.net/fr/news/israeli-diplomat-sough...
The current government is a huge ally of Israel.
The current government is a huge ally of Israel.
Every British government has been an ally of Israel. You don't turn down a relationship with a country with Israel's military, technical and intelligence capabilities, and worth $5bn in bilateral trade for nothing if you have any sense.
> You don't turn down a relationship with a country with Israel's military, technical and intelligence capabilities, and worth $5bn in bilateral trade
Well, that's certainly one angle.
The other angle is, let's face it, Israel is good at playing the Jewish card and portraying that if you're not pro-Israel you must be some sort of antisemite.
There are all sorts of political ties along those lines, e.g. "Conservative Friends of Israel"[1]
[1] https://en.wikipedia.org/wiki/Conservative_Friends_of_Israel
Well, that's certainly one angle.
The other angle is, let's face it, Israel is good at playing the Jewish card and portraying that if you're not pro-Israel you must be some sort of antisemite.
There are all sorts of political ties along those lines, e.g. "Conservative Friends of Israel"[1]
[1] https://en.wikipedia.org/wiki/Conservative_Friends_of_Israel
UK bilateral trade with Russia was ~$17 billion in 2021 (i assume that's imports plus exports right?).
Russia was a very close friend twenty years ago, Iraq was a very close ally in the 1980s. I'm sure Israel realises how quickly the west can turn on friends and allies when it suits us and that this is why they spend tens of millions a year wooing US and UK politicians.
Russia became a pariah over night and the moment it becomes politically convenient to diplomatically recognise Israel as an apartheid state the trade won't count for anything (not least because most of it is the direct consequence of billions in annual US subsidies)
Russia was a very close friend twenty years ago, Iraq was a very close ally in the 1980s. I'm sure Israel realises how quickly the west can turn on friends and allies when it suits us and that this is why they spend tens of millions a year wooing US and UK politicians.
Russia became a pariah over night and the moment it becomes politically convenient to diplomatically recognise Israel as an apartheid state the trade won't count for anything (not least because most of it is the direct consequence of billions in annual US subsidies)
Russia's been a pain in the arse continuously. 20 years ago they were up to their eyeballs in the Iranian nuclear programme, carpet bombing Chechnya, blowing up their own apartment blocks and blaming it on terrorists, destabilising Georgia and goodness knows what else. That's all just from memory. But they have a lot of oil and gas so we let it all slide. More fool us.
You are aware that the Israely government does similar things, right?
Most European governments look at the simultaneous invasion of Israel by three Arab states in 1948, and statements made about the aims of that invasion, and think "what would we be prepared to do to defend against such determined, implacable hostility?". They look at what Israel does to defend itself and think, yeah, pretty much we'd do that.
They look at Israel and see a democratic, technologically advanced state with a liberal economy much like their own. They look at the repressive, autocratic extraction economies in the Arab world and recoil in horror.
I'm not making any judgement on this, or whether they're right or wrong, but that's just how many Europeans see the situation.
They look at Israel and see a democratic, technologically advanced state with a liberal economy much like their own. They look at the repressive, autocratic extraction economies in the Arab world and recoil in horror.
I'm not making any judgement on this, or whether they're right or wrong, but that's just how many Europeans see the situation.
I mean wow, they really don't.
And some other Europeans see the Israeli government as human rights abusers and boycott them.
And some other Europeans see human rights abusers and boycott them.
Yup, so does the US and the UK.
The sad reality is that we've not really had truly independent foreign policy since WW2. The US military never left our soil, and we've been in lock step with Washington on everything serious since then.
We're a vassal state, there's no Brexit on the special relationship.
We're a vassal state, there's no Brexit on the special relationship.
We did with Europe and the trade is worth way more than $5bn
And we're allies with the EU to this day. What's your point?
We threw away billions in trade with the EU over not really that much, why would not throw away a far smaller sum when it comes to another country that was spying on us?
How much the UK and EU are allies remains to be seen too
How much the UK and EU are allies remains to be seen too
mschuster91(13)
Also unsurprising in view of even more egregious incidents from the past:
Shai Masot, the Israeli embassy official at London, caught on camera in 2017 talking about 'hitlist' of members of parliament, including Foreign Office Minister Sir Alan Duncan, a vocal supporter of Palestinian state [0]. And that led to a slap on the wrist.
A comparison of reactions to related incidents involving different parties is revealing [1].
[0] https://www.haaretz.com/israel-news/israeli-embassy-rep-caug...
[1] https://www.middleeastmonitor.com/20220214-espionage-is-a-di...
[0] https://www.haaretz.com/israel-news/israeli-embassy-rep-caug...
[1] https://www.middleeastmonitor.com/20220214-espionage-is-a-di...
[deleted]
[deleted]
Doesn't the fact that she had to resign point to the opposite conclusion, namely that these governments are distinct entities with sometimes conflicting interests?
She is now Home Secretary of the UK. She got fired upwards.
The current Cabinet is suffering from a serious lack of talent in my opinion; several political purges related to Brexit has meant the only real qualifying characteristic for some of the highest offices in the land is being a yes-man for Johnson.
Now that you are saying this.. take a look everywhere, it's all like this.. every country turned into the worst versions of themselves, but even the worst of UK its kind of not bad in my opinion, compared to other countries.
At least from an outside view, it's the UK now that is showing a good leadership in the current worldwide crises. While the US, France and Germany are completely lost, especially on how to deal with a "strong-man".
(Meanwhile nobody remembers Cameron or that guy that was a pure puppet of the US in the forced Iraq war, and they were the posh gentleman everyone was expecting)
At least from an outside view, it's the UK now that is showing a good leadership in the current worldwide crises. While the US, France and Germany are completely lost, especially on how to deal with a "strong-man".
(Meanwhile nobody remembers Cameron or that guy that was a pure puppet of the US in the forced Iraq war, and they were the posh gentleman everyone was expecting)
I too hope I will be fired some day (upwards)
It points to there being some pressure, probably from the public. But like police officers who get fired only to be rehired the next town over she now has a even more prestigious position in government. So there is no actual accountability here, just theater.
> I'm surprised this isn't a major diplomatic incident between the UK and Israel too
Are you really surprised? I'd be surprised if the UK and its media made a fuss about it. Certainly we won't be making a fuss about it here in the US that's for sure. I'd imagine russia and china wishes they had 1/10th the influence that israel has in the US/UK. Say what you want about israel, but for such a tiny country, it punches far above its weight.
Are you really surprised? I'd be surprised if the UK and its media made a fuss about it. Certainly we won't be making a fuss about it here in the US that's for sure. I'd imagine russia and china wishes they had 1/10th the influence that israel has in the US/UK. Say what you want about israel, but for such a tiny country, it punches far above its weight.
When 11 US diplomats in Uganda turned up with NSO Pegasus Malware on their phones, the US government responded by listing NSO as a covered Entity and forbidding any US company from buying or selling with it without express permission of the USG- Dell can't sell them monitors or laptops without the State Department publishing written, specific permission. Several US congresspersons advocated for even harsher response (Global Magnitsky Sanctions, which would, AIUI, basically cut them off from the dollar and their employees from traveling to the US). The US reserves the right to do that later.
So the US has responded, quite forcefully, to people much lower on the food chain being hacked by Pegasus.
See: https://arstechnica.com/information-technology/2021/12/the-s...
So the US has responded, quite forcefully, to people much lower on the food chain being hacked by Pegasus.
See: https://arstechnica.com/information-technology/2021/12/the-s...
Sure, the US effectively blacklisted NSO, but they did nothing to Israel. Imagine if a Russian business was found to have hacked State Department employees phones. Would being a private company prevent Russia from being blamed, particularly if they had the kind of state connections NSO had?
> Dell can't sell them monitors or laptops without the State Department publishing written, specific permission.
I wonder how this is enforced in practice? I have to assume Israel has retailer shops where anybody can just buy whatever, most likely even Dell laptops and monitors.
I wonder how this is enforced in practice? I have to assume Israel has retailer shops where anybody can just buy whatever, most likely even Dell laptops and monitors.
I don't know about Russia, but China doesn't let people from other nationalities to occupy positions of power especially in foreign policy, in which they're completely right. This is the main weakness of the USA and UK. They will let foreign born people to raise to power and dictate self servicing policies, many times in detriment to their own population. For example, take Henry Kissinger: a german born person, he spent his whole life influencing American policy to accommodate his views concerning Europe and the rest of the world. It is not a surprise that the Western world is in this situation.
Which UK politician are you referring to? The only one I’m aware of in high office currently who was born abroad is Boris Johnson, who was born in New York - a fact so far down the list of reasons for his unfitness for office that it does not really register.
The idea that this is the “main” problem in the UK is frankly laughable.
The idea that this is the “main” problem in the UK is frankly laughable.
Well of course, GP said 'positions of power' rather than 'politician'.
Controversially, https://en.wikipedia.org/wiki/Evgeny_Lebedev has been ennobled and is now qualified to sit in the House of Lords, most definitely a position of power though he has not as yet chosen to appear there as far as I know. It turns out that Unelected Lords are also permitted to be ministers in the cabinet, so...
Controversially, https://en.wikipedia.org/wiki/Evgeny_Lebedev has been ennobled and is now qualified to sit in the House of Lords, most definitely a position of power though he has not as yet chosen to appear there as far as I know. It turns out that Unelected Lords are also permitted to be ministers in the cabinet, so...
Lebedev definitely qualifies here.
[deleted]
Just wait until you find out the UK had a Jewish prime minister.
https://en.wikipedia.org/wiki/Benjamin_Disraeli
The rabbit hole goes deeper, keep digging! They can't keep the truth hidden forever.
https://en.wikipedia.org/wiki/Benjamin_Disraeli
The rabbit hole goes deeper, keep digging! They can't keep the truth hidden forever.
The UK is quite xenophobic as it is. No need for extra laws to prohibit foreigners to ascend to positions of power. Your peers will take care of that. I'm quite surprised that an UK born citizen of Pakistani heritage is currently the mayor of London. Maybe Labour is less xenophobic that the others.
> I'm quite surprised that an UK born citizen of Pakistani heritage is currently the mayor of London
The only surprise here is that he's Labour, not Tory.
Half of the current Great Offices of State are held by brown people under the Tories, who also had the first Jewish PM, the first (and second, and only) female PMs, and then there's Saj who's been Chancellor and Home Secretary, and I reckon is about as likely as Sunak to be the next PM. They appointed the first female, gay head of the Met Police, and the leader of the party in Scotland was also a gay woman for 8 very recent years.
Some of these people are clearly the worst of British politics (hello Priti Patel!), but the Tories have an excellent record of putting people who aren't straight, white, Christian men into positions of power.
The only surprise here is that he's Labour, not Tory.
Half of the current Great Offices of State are held by brown people under the Tories, who also had the first Jewish PM, the first (and second, and only) female PMs, and then there's Saj who's been Chancellor and Home Secretary, and I reckon is about as likely as Sunak to be the next PM. They appointed the first female, gay head of the Met Police, and the leader of the party in Scotland was also a gay woman for 8 very recent years.
Some of these people are clearly the worst of British politics (hello Priti Patel!), but the Tories have an excellent record of putting people who aren't straight, white, Christian men into positions of power.
There are so many people in this thread talking nonsense about the UK. The current Tory (right wing) Cabinet (the executive) includes Rishi Sunak as Chancellor, Priti Patel as Home Secretary, Savid Jaavid as Secretary of State for Health, Kwasi Kwartang as Secretary of State for Business, Alok Sharma as COP26 President, Nadim Zahawi as Secretary of State for Education, and Suella Braverman as Attorney General — all of Pakistani, Indian, or African ancestry.
It is quite likely the next PM will be of Pakistani or Indian ancestry (unless it’s a Labour PM; they have a poor record of promoting minorities to the top of Government) It's simply not true that the UK is xenophobic.
It is quite likely the next PM will be of Pakistani or Indian ancestry (unless it’s a Labour PM; they have a poor record of promoting minorities to the top of Government) It's simply not true that the UK is xenophobic.
> No need for extra laws to prohibit foreigners to ascend to positions of power.
What on Earth are you talking about?
10% of parliament are from ethnic minorities (including many high profile positions, Tories included), against a UK background of 14%.
https://commonslibrary.parliament.uk/research-briefings/sn01...
9% of parliament identifies as gay/bi against a UK background of 5%.
https://www.pinknews.co.uk/2020/12/31/lgbt-mps-gay-lesbian-b...
What on Earth are you talking about?
10% of parliament are from ethnic minorities (including many high profile positions, Tories included), against a UK background of 14%.
https://commonslibrary.parliament.uk/research-briefings/sn01...
9% of parliament identifies as gay/bi against a UK background of 5%.
https://www.pinknews.co.uk/2020/12/31/lgbt-mps-gay-lesbian-b...
>"I'm surprised this isn't a major diplomatic incident between the UK and Israel too."
I think Realpolitik is the reason why and that's all I'm going to say about that.
I think Realpolitik is the reason why and that's all I'm going to say about that.
The realpolitik of it is that Johnson some weeks ago went to the Saudis hat in hand asking for oil after they've stopped responding to phone calls from POTUS.
Last year:
As for the NSO, it is rather likely that the UK government itself is a client. In fact taking all of that into account it isn't unlikely that the UK government is more than just a customer and was already aware of being "hacked". But that's all I'm going to say about that.
Last year:
The Saudi crown prince, Mohammed bin Salman, warned Boris Johnson in a text message that UK-Saudi Arabian relations would be damaged if the British government failed to intervene to “correct” the Premier League’s “wrong” decision not to allow a £300m takeover of Newcastle United last year.
The takeover of the club was of course completed shortly afterwards. As were the weapons sales.As for the NSO, it is rather likely that the UK government itself is a client. In fact taking all of that into account it isn't unlikely that the UK government is more than just a customer and was already aware of being "hacked". But that's all I'm going to say about that.
Some context/background to the deal
the sale has been stalled for more than a year at that point , the league had decided arbitrarily to put a fitness check and delay(not reject) the deal. Roman, usmanov (minority holder ) and Abu Dhabi sovereign fund are current owners of major clubs before Saudi Arabia .
The stalling and later approval has nothing to do with concerns of sportswashing (PL has sold out any morality they had long before then). The block and later approval was mostly because Qatar was pissed .
Qatar owns PSG , hosting 2022 World Cup and most importantly owns lucrative PL broadcast rights in Middle East.
beIN with Saudi government informal support has been streaming matches illegally. Complicating this Qatar for last 4/5 years has been pretty much isolated in Middle East and kicked out of many forums in unrelated diplomatic fights.
In the end Saudi paid 1Billion pounds to Qatar to settle that dispute before Newcastle could be bought.
Sovereign/government influence peddling and involving in sports clubs is nothing new. Real Madrid has benefited a lot over the years , west ham got a brand new stadium for nothing , even in the U.S. favorable policies , tax breaks are used heavily to attract sports teams at city /state level all the time.
Democracy or dictators sports are cheap trick to improve ratings , it has been used at least since gladiators in Rome as a tool.
My intention is not defend Saudi actions just that it is not surprising governments were involved.
Disclaimer : I am a Newcastle fan
the sale has been stalled for more than a year at that point , the league had decided arbitrarily to put a fitness check and delay(not reject) the deal. Roman, usmanov (minority holder ) and Abu Dhabi sovereign fund are current owners of major clubs before Saudi Arabia .
The stalling and later approval has nothing to do with concerns of sportswashing (PL has sold out any morality they had long before then). The block and later approval was mostly because Qatar was pissed .
Qatar owns PSG , hosting 2022 World Cup and most importantly owns lucrative PL broadcast rights in Middle East.
beIN with Saudi government informal support has been streaming matches illegally. Complicating this Qatar for last 4/5 years has been pretty much isolated in Middle East and kicked out of many forums in unrelated diplomatic fights.
In the end Saudi paid 1Billion pounds to Qatar to settle that dispute before Newcastle could be bought.
Sovereign/government influence peddling and involving in sports clubs is nothing new. Real Madrid has benefited a lot over the years , west ham got a brand new stadium for nothing , even in the U.S. favorable policies , tax breaks are used heavily to attract sports teams at city /state level all the time.
Democracy or dictators sports are cheap trick to improve ratings , it has been used at least since gladiators in Rome as a tool.
My intention is not defend Saudi actions just that it is not surprising governments were involved.
Disclaimer : I am a Newcastle fan
> Disclaimer : I am a Newcastle fan
As-salamu alaykum
I reckon the fans of rival clubs will absolutely terrorize you with taunting going forth.
As-salamu alaykum
I reckon the fans of rival clubs will absolutely terrorize you with taunting going forth.
I’m sure the Sunderland lads have already clocked it. Feel free to drop by…
https://www.readytogo.net/smb/
https://www.readytogo.net/smb/
Shots fired!
I had to look them up. Today I Learned about one of the earliest football paintings in the world: https://en.wikipedia.org/wiki/Sunderland_A.F.C.#/media/File:...
That is pretty neat actually.
I don't really follow football but I do enjoy the shit talking. This seems like a fun team to root for actually :)
I had to look them up. Today I Learned about one of the earliest football paintings in the world: https://en.wikipedia.org/wiki/Sunderland_A.F.C.#/media/File:...
That is pretty neat actually.
I don't really follow football but I do enjoy the shit talking. This seems like a fun team to root for actually :)
I was once goaded into going to a Sunderland away game. I was somewhat surprised to hear them chanting "he s*ts where he wants" to the tune of the theme from the Addams Family.
No, I cannot explain.
No, I cannot explain.
There's quite a good series on Netflix about the club called "Sunderland 'til I die". The timing was sort of perfect, when it started Sunderland had just been relegated from the Premiership (England's top tier) and I think it was intended to be a series documenting them rebuilding the team and immediately getting promoted back. In reality thought it didn't go like that at all. The team collapsed, their wealthy owner lost interest and stopped supporting them financially, they made a few management blunders and suffered more tragedy that I will not spoil.
I don't support the team, but I still found the series quite fascinating and found myself rooting for them to succeed. I was surprised to see two of my university friends in the show - Sophie (one of the backroom staff who clashed with the management) and another friend who happened to be in the crowd and got an extreme-closeup before/after a goal in one of the match sequences.
I don't support the team, but I still found the series quite fascinating and found myself rooting for them to succeed. I was surprised to see two of my university friends in the show - Sophie (one of the backroom staff who clashed with the management) and another friend who happened to be in the crowd and got an extreme-closeup before/after a goal in one of the match sequences.
USA chiming in here to point out that the name of the sport is pronounced "soccer".
To be clear, the above was meant as satire. Maybe not a good example of the form though.
That is par of the course, you are always taunted no matter what your team is or isn’t doing .
I would rather be taunted and be in the conversation rather than fade away as a once good club .
I would rather be taunted and be in the conversation rather than fade away as a once good club .
[deleted]
odds are UK and UAE mutually hacked each other.
> "Like, yeah, blame the UAE mostly for this but let's also have a discussion about why this was sold to anyone who would pay with no oversight at all. Western countries need to do better."
The UK itself is one of the largest weapon exporters in the world, exporting to many countries in the Middle East with dubious human rights track records. The UK government can't possibly know what happens with every single pistol, bullet, missile or drone they sell (if they could, nobody would be buying):
[1] https://commonslibrary.parliament.uk/research-briefings/cbp-... [2] https://en.wikipedia.org/wiki/UK_arms_export
A private Israeli company is exporting weapons to the same countries the UK does, and when those weapons get used inappropriately, you're then "surprised this isn't a major diplomatic incident between the UK and Israel".
By the same account, are you suggesting that there should be a major diplomatic incident between every country in the world and the UK/USA every time they catch terrorists somewhere around the world using either UK/USA built-or-designed firearms?
There wouldn't be any diplomatic relationships left then:
[3] https://en.wikipedia.org/wiki/List_of_most-produced_firearms
The UK itself is one of the largest weapon exporters in the world, exporting to many countries in the Middle East with dubious human rights track records. The UK government can't possibly know what happens with every single pistol, bullet, missile or drone they sell (if they could, nobody would be buying):
[1] https://commonslibrary.parliament.uk/research-briefings/cbp-... [2] https://en.wikipedia.org/wiki/UK_arms_export
A private Israeli company is exporting weapons to the same countries the UK does, and when those weapons get used inappropriately, you're then "surprised this isn't a major diplomatic incident between the UK and Israel".
By the same account, are you suggesting that there should be a major diplomatic incident between every country in the world and the UK/USA every time they catch terrorists somewhere around the world using either UK/USA built-or-designed firearms?
There wouldn't be any diplomatic relationships left then:
[3] https://en.wikipedia.org/wiki/List_of_most-produced_firearms
The difference is NSO control the Pegasus servers. They know who is using their tools and who is being targeted. This isn’t the same as untraced weapons.
I'm not challenging your assertion, I'm genuinely looking for backing evidence here. Do you have evidence that NSO knows who is being targeted by the tools they sell?
Of course, the most digestible form of it is on this podcast: https://open.spotify.com/episode/38RuwrVwAHNXgHLDOANtmj
Sources are then linked on their site.
Here you go:
https://darknetdiaries.com/episode/100/
https://darknetdiaries.com/episode/100/
Could you please point out where exactly in this 69 minute podcast do they talk about NSO knowing who exactly is being targeted at any given moment, and what proof is there to back these claims? Could you perhaps quote the transcript?
This is a 69 minutes podcast episode, I'm not in a position to listen to all of it and try and pick out the relevant details. A lot of links are provided, but again - which of those are relevant here? Skimmed through some of them, and they don't even touch on this specific issue at-all?
As I've mentioned before, I'm not challenging your assertions - I'm looking for credible proof that NSO can tell, at any given moment, which specific people are being targeted by the clients/governments to which NSO is licensing its' software.
This is a 69 minutes podcast episode, I'm not in a position to listen to all of it and try and pick out the relevant details. A lot of links are provided, but again - which of those are relevant here? Skimmed through some of them, and they don't even touch on this specific issue at-all?
As I've mentioned before, I'm not challenging your assertions - I'm looking for credible proof that NSO can tell, at any given moment, which specific people are being targeted by the clients/governments to which NSO is licensing its' software.
I’ll have a relisten later to find it but in a brief scroll I found this:
https://www.theguardian.com/world/2020/apr/29/whatsapp-israe...
—-
According to WhatsApp’s filing, NSO gained “unauthorised access” to its servers by reverse-engineering the messaging app and then evading the company’s security features that prevent manipulation of the company’s call features. One WhatsApp engineer who investigated the hacks said in a sworn statement submitted to the court that in 720 instances, the IP address of a remote server was included in the malicious code used in the attacks. The remote server, the engineer said, was based in Los Angeles and owned by a company whose data centre was used by NSO.
NSO has said in legal filings that it has no insight into how government clients use its hacking tools, and therefore does not know who governments are targeting.
But one expert, John Scott-Railton of Citizen Lab, who has worked with WhatsApp on the case, said NSO’s control of the servers involved in the hack suggests the company would have had logs, including IP addresses, identifying the users who were being targeted.
“Whether or not NSO looks at those logs, who knows? But the fact that it could be done is contrary to what they say,” Scott-Railton said.
In a statement to the Guardian, NSO stood by its earlier remarks. “Our products are used to stop terrorism, curb violent crime, and save lives. NSO Group does not operate the Pegasus software for its clients,” the company said. “Our past statements about our business, and the extent of our interaction with our government intelligence and law enforcement agency customers, are accurate.”
https://www.theguardian.com/world/2020/apr/29/whatsapp-israe...
—-
According to WhatsApp’s filing, NSO gained “unauthorised access” to its servers by reverse-engineering the messaging app and then evading the company’s security features that prevent manipulation of the company’s call features. One WhatsApp engineer who investigated the hacks said in a sworn statement submitted to the court that in 720 instances, the IP address of a remote server was included in the malicious code used in the attacks. The remote server, the engineer said, was based in Los Angeles and owned by a company whose data centre was used by NSO.
NSO has said in legal filings that it has no insight into how government clients use its hacking tools, and therefore does not know who governments are targeting.
But one expert, John Scott-Railton of Citizen Lab, who has worked with WhatsApp on the case, said NSO’s control of the servers involved in the hack suggests the company would have had logs, including IP addresses, identifying the users who were being targeted.
“Whether or not NSO looks at those logs, who knows? But the fact that it could be done is contrary to what they say,” Scott-Railton said.
In a statement to the Guardian, NSO stood by its earlier remarks. “Our products are used to stop terrorism, curb violent crime, and save lives. NSO Group does not operate the Pegasus software for its clients,” the company said. “Our past statements about our business, and the extent of our interaction with our government intelligence and law enforcement agency customers, are accurate.”
Adding to this, it's relatively trivial to have encrypted traffic transit your servers without the ability to actually view the traffic. This is basic stuff so I suspect you're not going to find the evidence from people who are citing podcasts...
Correct, and when traffic transits your servers you know where that traffic is coming from (i.e. the target). I found your last comment rude considering the podcast I citied is an interview with citizen lab researchers; the people who research Pegasus malware. The podcast website also contains sources that I also linked to above. It’s “basic stuff” to look into what someone posted before making a comment like yours.
How do you identify a target individual purely from source traffic metadata...? Sure, you can identify them if you've totally rooted a target's phone and uploads all the data such that NSO group can read it - my point is that NSO group could offer transit encryption so long as they haven't backdoored whatever client is being used.
The reason I bring that up is that it's precisely the service you might offer if you wanted more plausible deniability. I still don't consider this hugely complex stuff.
The reason I bring that up is that it's precisely the service you might offer if you wanted more plausible deniability. I still don't consider this hugely complex stuff.
What "evidence" are you looking for? Proof that humans manage the NSO servers?
The realities in that industry is that this information is provider-client privilege if you still want to sell tools.
> The UK government can't possibly know what happens with every single pistol, bullet, missile or drone they sell
You say that, but UK export law imposes a bunch of conditions, including that you're not knowingly facilitating resale to embargoed countries. And the legality of exports to Saudi Arabia has been litigated - it's legal, but only just.
You say that, but UK export law imposes a bunch of conditions, including that you're not knowingly facilitating resale to embargoed countries. And the legality of exports to Saudi Arabia has been litigated - it's legal, but only just.
> "You say that, but UK export law imposes a bunch of conditions, including that you're not knowingly facilitating resale to embargoed countries. And the legality of exports to Saudi Arabia has been litigated - it's legal, but only just."
Both the UK and Israel have export law, complete with conditions and legal frameworks for enforcement. It surely reduces the possibility of weapons ending up in the wrong hands, but it doesn't eliminate it completely. Regardless, it still doesn't imply that the manufacturers themselves or the jurisdictions they are incorporated in should somehow bear blanket responsibility for misuse.
Cyber-weapons and spying are particularly complex from this perspective, because it can be difficult to draw the lines on what constitutes as "misuse". Especially when the operator of the weapon is part of a government (a law-enforcement agency, for example), and when the victim is a citizen of a foreign jurisdiction.
With this out of the way, we're only really left with the "legal, but immoral" argument. I'm not going to argue against that (mainly because this is where things get very subjective and nuanced) - but I will say that the bar for holding an entire government accountable by invocation of "major diplomatic incidents" should be higher than that.
Both the UK and Israel have export law, complete with conditions and legal frameworks for enforcement. It surely reduces the possibility of weapons ending up in the wrong hands, but it doesn't eliminate it completely. Regardless, it still doesn't imply that the manufacturers themselves or the jurisdictions they are incorporated in should somehow bear blanket responsibility for misuse.
Cyber-weapons and spying are particularly complex from this perspective, because it can be difficult to draw the lines on what constitutes as "misuse". Especially when the operator of the weapon is part of a government (a law-enforcement agency, for example), and when the victim is a citizen of a foreign jurisdiction.
With this out of the way, we're only really left with the "legal, but immoral" argument. I'm not going to argue against that (mainly because this is where things get very subjective and nuanced) - but I will say that the bar for holding an entire government accountable by invocation of "major diplomatic incidents" should be higher than that.
>The UK government can't possibly know what happens with every single pistol, bullet, missile or drone they sell (if they could, nobody would be buying):
Oh, yes they would. And they do. Quite fucking happily, too.
Oh, yes they would. And they do. Quite fucking happily, too.
> let's also have a discussion about why this was sold to anyone who would pay with no oversight at all.
There will always be cyberweapon brokers. If not NSO, then someone else. And money talks.
Why would there be any oversight? What you need is plausible deniability.
I’d prefer if they started selling Pegasus to absolutely anyone at all. Like, online, for $999 a month or something. Maybe then there will be actual efforts to patch the vulnerabilities that are being exploited for it to work.
There will always be cyberweapon brokers. If not NSO, then someone else. And money talks.
Why would there be any oversight? What you need is plausible deniability.
I’d prefer if they started selling Pegasus to absolutely anyone at all. Like, online, for $999 a month or something. Maybe then there will be actual efforts to patch the vulnerabilities that are being exploited for it to work.
Or perhaps the security services we pay so much for could stop hoarding vulnerabilities and start patching them. So as to add to our.. security.
Of course the problem is that these services are geared towards protecting the state, as distinct from the people. It is a distinctly unpleasant legacy of the cold war. We'll learn the hard way before there's a change of mindset.
Of course the problem is that these services are geared towards protecting the state, as distinct from the people. It is a distinctly unpleasant legacy of the cold war. We'll learn the hard way before there's a change of mindset.
> If not NSO, then someone else.
There's a big difference between an underground group doing it in semi-secrecy, vs a state-sponsored company doing it publicly. With said company somehow not being sued into the ground or said country's action not being taken as an act of war in situations like this.
> I’d prefer if they started selling Pegasus to absolutely anyone at all
The high value of what they offer comes from the scarcity, which result in lower likelihood of it being patched.
There's a big difference between an underground group doing it in semi-secrecy, vs a state-sponsored company doing it publicly. With said company somehow not being sued into the ground or said country's action not being taken as an act of war in situations like this.
> I’d prefer if they started selling Pegasus to absolutely anyone at all
The high value of what they offer comes from the scarcity, which result in lower likelihood of it being patched.
NSO isn't the equivalent of NSA. While NSA is part of the US government and actively spied on allied countries with no repercussions, NSO is a privately held company employing ex intelligence. With mandatory service at 18 and the private sector paying between 8 to 10 times more, it's common to find these intelligence boys leaving the service asap and working in different private companies.
Implying Israel has anything to do with NSO or that the government is behind it, coupled with the amount of attention this gets relative to a company like Italian based Hacking Team (which both the FBI and Russian government made business with) is cause for concern. Is this hacker news or culturally biased vent club?
I think the domain cyclonefront is nice for a new forum, don't you? You can be an admin there, grow a short mustache and do quarter jumping-jacks.
Implying Israel has anything to do with NSO or that the government is behind it, coupled with the amount of attention this gets relative to a company like Italian based Hacking Team (which both the FBI and Russian government made business with) is cause for concern. Is this hacker news or culturally biased vent club?
I think the domain cyclonefront is nice for a new forum, don't you? You can be an admin there, grow a short mustache and do quarter jumping-jacks.
NSA doesn't sell Hacking as as Service to foreign countries.
While NSO isn't part of the government, their work and existence is obviously very much endorsed and allowed by their government.
While NSO isn't part of the government, their work and existence is obviously very much endorsed and allowed by their government.
These products, just like any offensive weapon, aren't quite as useful for defensive purposes, or when used by someone who doesn't do this stuff 24/7.
The justification that "somebody else would have done it" is morally bankrupt, of course, as shown in Nuremberg or the Eichmann trial. It's also just not true: by definition, the alternative would be worse in some way, or it would have been the first choice from the beginning. For simple products, the margin between the knife you are selling and the next-best choice might indeed be small. For nuclear weapons, the marginal product is 100 % less useful, as far as I can tell: there is no other seller. For tanks, you can probably get some Sowjet era relics if you know the right people in the 'stans, which will be significantly worse than western state-of-the-art but not entirely useless.
I'd say Pegasus is somewhere between the tank and the nuclear bomb on that spectrum, right now. Which might well be the point where export controls are most useful, because they also reduce the need and incentive for others to enter the market as buyers and sellers, respectively.
The justification that "somebody else would have done it" is morally bankrupt, of course, as shown in Nuremberg or the Eichmann trial. It's also just not true: by definition, the alternative would be worse in some way, or it would have been the first choice from the beginning. For simple products, the margin between the knife you are selling and the next-best choice might indeed be small. For nuclear weapons, the marginal product is 100 % less useful, as far as I can tell: there is no other seller. For tanks, you can probably get some Sowjet era relics if you know the right people in the 'stans, which will be significantly worse than western state-of-the-art but not entirely useless.
I'd say Pegasus is somewhere between the tank and the nuclear bomb on that spectrum, right now. Which might well be the point where export controls are most useful, because they also reduce the need and incentive for others to enter the market as buyers and sellers, respectively.
Ah yes, because export controls have stopped bad actors in the past.
If we can't stop Iran and North Korea from developing nuclear weapons, thinking that we can stop sale of software is, mildly speaking, delusional.
I also fail to see the relevance to Nuremberg trials, because this is a simple matter of supply and demand. There definitely is demand.
If we can't stop Iran and North Korea from developing nuclear weapons, thinking that we can stop sale of software is, mildly speaking, delusional.
I also fail to see the relevance to Nuremberg trials, because this is a simple matter of supply and demand. There definitely is demand.
> If we can't stop Iran and North Korea from developing nuclear weapons, thinking that we can stop sale of software is, mildly speaking, delusional.
I don't see any nukes in Iran.
Maybe because "we" kept that from happening, idk.
I don't see any nukes in Iran.
Maybe because "we" kept that from happening, idk.
Export controls don't work? Did I miss the news, North Korea bought an MERV tipped intercontinental ballistic missile from the 'free market'? Do they have thermonuclear warheads?
I am not convinced if we way we treated Iran is justified, but thats a different suvject. And after Ukraine, noone will. Ever give up nukes
I am not convinced if we way we treated Iran is justified, but thats a different suvject. And after Ukraine, noone will. Ever give up nukes
Because western countries use the same services to spy on their citizens. Even if they feigned outrage, the potential blowback could topple some people.
Besides, governments also tend not to want to be scrutinized on moral ground for trading war assets of any kind.
Why should I be enraged if government officials were put under surveillance? They made abundantly clear that they are in favor of increased monitoring. Their secret surveillance programs were laid open.
So how do you propose they should do better?
Besides, governments also tend not to want to be scrutinized on moral ground for trading war assets of any kind.
Why should I be enraged if government officials were put under surveillance? They made abundantly clear that they are in favor of increased monitoring. Their secret surveillance programs were laid open.
So how do you propose they should do better?
My outrage against dragnet was never about me, personally. I know I am way too unimportant to surveil. It has always been about the next thought leader, who could come from any background, from being nipped in the bud. I'm sure "they" would have loved being able to contain MLK Jr before he even had a chance to have any following
» Why should I be enraged if government officials were put under surveillance?
I am not worried about the officials themselves but the people who talk to them. Once again, the next thought leader, who could be but will never be because of the surveillance and subsequent actions.
» Why should I be enraged if government officials were put under surveillance?
I am not worried about the officials themselves but the people who talk to them. Once again, the next thought leader, who could be but will never be because of the surveillance and subsequent actions.
They even tried it back in the day and with the modern surveillance we probably would not have heard from him at all. Just the right bribe to deflect the issues and it will never become a large issue in the first place.
It doesn't even have to be malicious, there are people working in these agencies that are trained to follow orders. They believe intrinsically that what they do is necessary for security. No appeal will ever work, just a tight corset of regulation or protections by law that have actual teeth with heavy sanctions against misconduct. Today some agencies just blatantly disregard the most fundamental laws. If you scrap those you don't even need terrorists anymore, you did it all to yourself.
It doesn't even have to be malicious, there are people working in these agencies that are trained to follow orders. They believe intrinsically that what they do is necessary for security. No appeal will ever work, just a tight corset of regulation or protections by law that have actual teeth with heavy sanctions against misconduct. Today some agencies just blatantly disregard the most fundamental laws. If you scrap those you don't even need terrorists anymore, you did it all to yourself.
'They believe intrinsically that what they do is necessary for security.'
That's thr rub isn't it - if you startva security agency thst does terrible things, it will hire people that can somehow justify and rationalise those terrible things
Very few people in KGB or whatever thought that they did anything wrong
That's thr rub isn't it - if you startva security agency thst does terrible things, it will hire people that can somehow justify and rationalise those terrible things
Very few people in KGB or whatever thought that they did anything wrong
You have a similar problem with police. If you day to day see instances of crime and you have a lot of contact with criminals, you develop preconceptions towards people. You view gets skewed and you start to see crime everywhere. The same happens to security agencies that deal day to day with the spy game. This is why external observers are necessary. Not primarily to punish people stepping over lines, but to provide support and reasonable boundaries and context. People with a strong sense of duty are especially vulnerable to develop a wrong perspective.
Then there is the other dimension where corporations just help the worst dictators for profit or provide surveillance capability against the population. Almost all major names in tech are guilty here to certain degrees. Some more than others, but there are no morals in business. Especially not with investment mechanisms like ESG or similar constructs to provide wellness to rich investors, but that is another topic.
Then there is the other dimension where corporations just help the worst dictators for profit or provide surveillance capability against the population. Almost all major names in tech are guilty here to certain degrees. Some more than others, but there are no morals in business. Especially not with investment mechanisms like ESG or similar constructs to provide wellness to rich investors, but that is another topic.
Indeed, reminds me a lot about Oracle trying to sell predictive policing tech to China, tech that was already beta-tested on US protesters [0] or on the more grey scale end; Nokia facilitating lawful intercept in Russia [1]
[0] https://theintercept.com/2021/05/25/oracle-social-media-surv...
[1] https://web.archive.org/web/20220328071032/https://www.nytim...
[0] https://theintercept.com/2021/05/25/oracle-social-media-surv...
[1] https://web.archive.org/web/20220328071032/https://www.nytim...
Ironically, the fact that it's not playing out as a major dust-up in public will probably only further contribute to conspiratorial thinking in re: the Israeli gov't.
Israel seems to have a relative degree of immunity when it comes to subverting UK pol. Anyone ever see the investigative journalist piece of the Zionist group trying to subvert the UK Labour Party? They had a journalist go undercover for 6 months recording all kinds of things they weren't meant to:
https://youtube.com/watch?v=ceCOhdgRBoc
There was only minor fallout from this incident, and I imagine it will be the same here.
https://youtube.com/watch?v=ceCOhdgRBoc
There was only minor fallout from this incident, and I imagine it will be the same here.
I watched the first 15 minutes of this and what shocked me is how unrevealing it was. If someone recorded me over the course of weeks or months, I would almost certainly say something that would land me in hot water in some sense. This piece of 'investigative journalism' I actually found embarrassing, all this editing to big it up as some major conspiracy when to me, in that 15 mins at least, was at worst run of the mill lobbying. Considering how unsavoury a character Corbyn was, I actually found the subjects incredibly restrained, perhaps part of the JD however.
usrn(1)
Politics...
If russia did that, they would be treated a lot differently than israel or eg. USA.
If russia did that, they would be treated a lot differently than israel or eg. USA.
> If russia did that, they would be treated a lot differently than israel or eg. USA.
Russia poisoned multiple British nationals with chemical and radioactive weapons on British soil and got away with it scot-free.
https://www.bbc.com/news/uk-51722301
Russia poisoned multiple British nationals with chemical and radioactive weapons on British soil and got away with it scot-free.
https://www.bbc.com/news/uk-51722301
There are definitely some holes in the allegations.
https://www.craigmurray.org.uk/archives/2021/04/pure-ten-poi...
Is there any particular reason this link is actually worth reading? Is 'Crag Murray' a former high-level politician/intelligence officer with useful information? Do they have a track record of finding genuine and severe issues with government narratives?
Craig is a former ambassador to Uzbekistan, who served in the Foreign Office for many years. He's since dedicated a lot of his time to following and reporting on the Assange case in the UK.
He doesn't hide his opinions, some of which are quite strongly worded, but I don't think that makes him less worthwhile as an observer. I'd say he is less of a fact-finder/whistleblower and more of an analyser/commenter.
I personally find his articles insightful and nuanced.
He doesn't hide his opinions, some of which are quite strongly worded, but I don't think that makes him less worthwhile as an observer. I'd say he is less of a fact-finder/whistleblower and more of an analyser/commenter.
I personally find his articles insightful and nuanced.
Thanks! I think you should have noted that for people who have no idea who he is (I'm assuming many people outside of the UK).
Yeah, a random blog which references Russian state media. Got it. (y)
There are a few thousand kids (and their parents) in Yemen that became all-too-literal "end customers" for American exports of the non-cultural or Apple variety. It's fundamentally the same, except the impact was not metaphorical.
Maybe certain interest group within UK is working with certain interest group in Israel and "borrowed" Pegasus to use against other interest group(s).
Actually Yes Minster joked about surveillance put on certain ministers. Can watch for fun. Sitcoms nowadays rarely talk about political issues.
Actually Yes Minster joked about surveillance put on certain ministers. Can watch for fun. Sitcoms nowadays rarely talk about political issues.
The UK sells weapons. Should they be blamed for anyone who is affected by them? Regardless of your own opinion they would argue no. So they can’t be hypocritical.
UAE on the other hand is a decrepit money laundering people smuggling cesspit and should face the full brunt of Iran/Russia style sanctions.
UAE on the other hand is a decrepit money laundering people smuggling cesspit and should face the full brunt of Iran/Russia style sanctions.
These trojans do not run without central C&C, already proven in the past to be run by NSO. Selling a weapon is not travelling into a war zone and firing it off on behalf of who hired you; that's what a mercenary does, under punishment of death.
The UK is where the world's dictators and corrupt politicians hide their money. Does that mean you think that the UK should "face the full brunt of Iran/Russia style sanctions"? Take your double standards elsewhere.
I agree. Not double standards.
There's nothing to be gained by wringing our hands and kicking up a public fuss, crying to the press about it. That's not how grownups do business. We all know everyone spies on everyone else, it's a given. I'm sure GCHQ spies on Israel and UAE.
For all we know the security services already knew about this and were feeding false info to manipulate the UAE. Heck, the Israelis might have even tipped us off, I'm sure they value their relationship to us much more than with the UAE. I'd give it at least 50/50 Munk School trying to 'help' us just trashed a perfectly good MI6 counterintelligence op. That's the sort of way these things work.
For all we know the security services already knew about this and were feeding false info to manipulate the UAE. Heck, the Israelis might have even tipped us off, I'm sure they value their relationship to us much more than with the UAE. I'd give it at least 50/50 Munk School trying to 'help' us just trashed a perfectly good MI6 counterintelligence op. That's the sort of way these things work.
Not saying you are wrong, but the kind of leaps in assumptions you make remind me of https://en.wikipedia.org/wiki/Cognitive_dissonance
I'm not making any assumptions, I'm saying we just don't know. Those like the poster I'm responding to suggesting this mean this or that for international relations, and we should be responding this way or that way are making assumptions. I'm pointing out those assumptions are unsupported and somewhat naive.
Why would that be surprising? I haven't heard about Yemen being outraged at France for selling weapons to the UAE for example. Western countries can't do better, it's how the world has and always will operate.
I've not heard about France but Yemen has definitely been outraged at Britain for selling weapons to Saudi Arabia...
> Western countries need to do better
Yeah, I agree. The western nations which built their lead through brutal colonialism and presently maintain that lead with neo-colonialism structures where brutal governments (Saudi Arabia, Israel, UAE) do the dirty work which they (western countries) ostensibly condemn.
How about this: let’s have the western countries leave the world alone. Let’s have the western countries abandon their profit by misery business models (eg western arms industries which profiteer by instigating conflict and supplying aggressors).
Yeah, I agree. The western nations which built their lead through brutal colonialism and presently maintain that lead with neo-colonialism structures where brutal governments (Saudi Arabia, Israel, UAE) do the dirty work which they (western countries) ostensibly condemn.
How about this: let’s have the western countries leave the world alone. Let’s have the western countries abandon their profit by misery business models (eg western arms industries which profiteer by instigating conflict and supplying aggressors).
And affect my style of living?
No thanks, I'll stayas i am and keep my blind eyes turning.
> surprised this isn't a major diplomatic incident
It all depends who the (UK) Government is "friends" with. Let's not forget the infamous Russian Novichok poisoning cases in Salisbury - those naughty Russians! The Saudis execute 81 citizens in a day, and Boris visits the day after to beg for oil and gas - those naughty Saudis!
I'm not surprised it isn't a major diplomatic incident!
It all depends who the (UK) Government is "friends" with. Let's not forget the infamous Russian Novichok poisoning cases in Salisbury - those naughty Russians! The Saudis execute 81 citizens in a day, and Boris visits the day after to beg for oil and gas - those naughty Saudis!
I'm not surprised it isn't a major diplomatic incident!
3rd and 4th party collection are a hell of a drug
Expecting any honest reporting on Israel is naive. That hasn't happened for 70+ years.
[deleted]
[deleted]
The whole thing is barely in the news
postingposts(2)
>since the Israeli intelligence company was supposedly "closely monitoring how their customers were using the software"
If the Israelis were going to veto a country's use of the software, it's reasonable to assume that the country was intelligent enough not to tell them what they were doing with it.
If the Israelis were going to veto a country's use of the software, it's reasonable to assume that the country was intelligent enough not to tell them what they were doing with it.
The important thing to realize is that NSO doesn’t just hand over their attack tools completely. If they did, they would just get copied and they wouldn’t be able to charge for them.
NSO maintains control and is semi-actively involved in the exploitation (NSO servers are used and they control this access). This is very different from selling someone a knife that is later used in a murder.
There is a very good Darknet Diaries breakdown of what the NSO group can and cannot do - https://darknetdiaries.com/episode/100/ - and despite their claims otherwise, the evidence strongly points to them being complicit in attacks rather than just being a vendor.
NSO maintains control and is semi-actively involved in the exploitation (NSO servers are used and they control this access). This is very different from selling someone a knife that is later used in a murder.
There is a very good Darknet Diaries breakdown of what the NSO group can and cannot do - https://darknetdiaries.com/episode/100/ - and despite their claims otherwise, the evidence strongly points to them being complicit in attacks rather than just being a vendor.
This is a bit of a tangent but I think reports like these strengthen the argument against electronic voting. There's basically no way of building a secure electronic voting system that can beat the security and auditability properties of old school pen and paper voting.
Generally a lot of voting security experts advocate for paper ballots with electronic counting. It is very robust, efficient, has great fallback, and lots of systems available to keep secure.
I envision a system where after I vote I rip off the top of the card and am able to use that hash like token to later verify that my vote was counted correctly
That's only viable in countries/situations where secret ballots are not a strict requirement and vote buying is not perceived to be a problem
With paper ballots if you want to be sure that your vote was counted correctly you generally can go and see the counting process, as a bonus like that you help ensure that every vote is counted correctly
With paper ballots if you want to be sure that your vote was counted correctly you generally can go and see the counting process, as a bonus like that you help ensure that every vote is counted correctly
It’s possible to keep it secret, it’s just more complicated. I proposed one such setup in an old comment. Quoted here with some fixes.
“What if you get the receipt with UUID and your voting choices, then at a separate kiosk only in the polling station, you can enter your UUID to view the full results as posted online (meaning electronically recorded and stored). Along with your UUID and results, a hash of the two is displayed and can be printed onto your receipt. Before leaving the station, you must detach and dispose of the plaintext voting choices portion, but you can hang onto the UUID + hash.
At any time in the future, you can enter your UUID into the site, which will compute and display only the hash, giving you verification of no tampering but not disclosing any results to nefarious third parties.”
https://news.ycombinator.com/item?id=14921442
It’s not foolproof and still requires more trust in maths than just showing your voting choices would. But it does solve vote buying and voter intimidation.
“What if you get the receipt with UUID and your voting choices, then at a separate kiosk only in the polling station, you can enter your UUID to view the full results as posted online (meaning electronically recorded and stored). Along with your UUID and results, a hash of the two is displayed and can be printed onto your receipt. Before leaving the station, you must detach and dispose of the plaintext voting choices portion, but you can hang onto the UUID + hash.
At any time in the future, you can enter your UUID into the site, which will compute and display only the hash, giving you verification of no tampering but not disclosing any results to nefarious third parties.”
https://news.ycombinator.com/item?id=14921442
It’s not foolproof and still requires more trust in maths than just showing your voting choices would. But it does solve vote buying and voter intimidation.
The only time vote buying was historically a problem was when it was decriminalized or legal and done out in the open. The instant it was criminalized it evaporated completely.
Doing it on a scale that is large enough enough that it becomes meaningful quickly becomes impossible even if the police only do a few half hearted sting operations.
Im not particularly in favor of electronic voting but i wish this particular meme would die coz it's mainly gonna be used to excuse voting systems corrupted at the source that the voter cant check.
Doing it on a scale that is large enough enough that it becomes meaningful quickly becomes impossible even if the police only do a few half hearted sting operations.
Im not particularly in favor of electronic voting but i wish this particular meme would die coz it's mainly gonna be used to excuse voting systems corrupted at the source that the voter cant check.
From Wikipedia:
> The 2010 and 2012 surveys for the Americas Barometer showed that 15% of surveyed voters in Latin America had been offered something of value in exchange for voting a particular way
> 16% of voters [in Africa] were offered money or other goods in exchange for voting a particular way in the most recent election
And yeah, in developed countries and stable democracies it probably wouldn't be an issue, but then maybe it would eventually be, and it's a pretty big flaw to introduce in order to achieve something that is not an issue
You can already check that your vote is being counted with paper ballots, you sign up as a poll observer or worker and you look at the vote counting operations
> The 2010 and 2012 surveys for the Americas Barometer showed that 15% of surveyed voters in Latin America had been offered something of value in exchange for voting a particular way
> 16% of voters [in Africa] were offered money or other goods in exchange for voting a particular way in the most recent election
And yeah, in developed countries and stable democracies it probably wouldn't be an issue, but then maybe it would eventually be, and it's a pretty big flaw to introduce in order to achieve something that is not an issue
You can already check that your vote is being counted with paper ballots, you sign up as a poll observer or worker and you look at the vote counting operations
Brazil was a clear example of where it started out legal (until 1999!). After it was made illegal it declined a lot in spite of really inconsistent enforcement.
Where it happened it was perfectly obvious who was doing it, but the cops wouldnt touch them. It was a crime committed out in the open.
A similar pattern played out in America in the 1800s where it was widespread, made illegal, started out not particularly well enforced and then it gradually became extinct.
Everywhere it's been a problem it's basically been officially tolerated. The crime quickly becomes impossible to commit if it isnt.
This is in stark contrast to many other crimes (e.g. drugs) where even strict enforcement doesnt do much.
Where it happened it was perfectly obvious who was doing it, but the cops wouldnt touch them. It was a crime committed out in the open.
A similar pattern played out in America in the 1800s where it was widespread, made illegal, started out not particularly well enforced and then it gradually became extinct.
Everywhere it's been a problem it's basically been officially tolerated. The crime quickly becomes impossible to commit if it isnt.
This is in stark contrast to many other crimes (e.g. drugs) where even strict enforcement doesnt do much.
[deleted]
No, you could do it in a way where the voter can verify their vote was recorded correctly but can't prove it to anyone else. Trivial method: require the voter to assign random numbers to each candidate. They remember the number of the candidate they chose. The voting system later says "you voted for 6".
And how do you avoid a scenario in which you assign 6 to candidate X but the machine secretly assigns 6 to candidate Y?
You have all of the recording done to a paper tape that the user can inspect as their vote is made. That paper tape is read by machine later. That means you only need to trust the counting machine, which is pretty easy because you can easily do random samples to check it is working, or have both parties count or whatever.
You can't eliminate the possibility that your paper vote is completely discarded and replaced by fake ones. But that's not really any different to existing non-electronic voting.
You can't eliminate the possibility that your paper vote is completely discarded and replaced by fake ones. But that's not really any different to existing non-electronic voting.
I envision the same system to later verify the votes I bought
This is one of the reasons it’s not legal in many places to take a picture of a filled out ballot.
I think the problem is who builds it. I wouldn’t trust election software that wasn’t open source with a lot of eyeballs on it. Diebold wasn’t exactly a shining example to set. Preferably a non profit organization backing it and then having it adopted as a standard. I just don’t see that happening in the US where voter obstruction is part of at least one party’s strategy.
Open source doesn’t actually matter here. A closed source electronic system should work just as well. Why?
The way it should work is the machine should just print out a scantron AND a human legible copy (probably with a bar code linking the two). The person submits both by hand. You get early results by counting the scantron. Before certification, there is a statistically significant manual counting of the human legible ballots. For tighter races you recount all. The linked barcode lets you also statistically cross-validate in case there was a discrepancy between the machine readable copy printed and the hand ballot (you sample randomly).
Open source means absolutely 0 here. There are too many vectors of attack (eg physically compromising a machine, chain of custody, malware etc). Better to assume the machine is compromised and build a system that doesn’t care.
The way it should work is the machine should just print out a scantron AND a human legible copy (probably with a bar code linking the two). The person submits both by hand. You get early results by counting the scantron. Before certification, there is a statistically significant manual counting of the human legible ballots. For tighter races you recount all. The linked barcode lets you also statistically cross-validate in case there was a discrepancy between the machine readable copy printed and the hand ballot (you sample randomly).
Open source means absolutely 0 here. There are too many vectors of attack (eg physically compromising a machine, chain of custody, malware etc). Better to assume the machine is compromised and build a system that doesn’t care.
Back in 2004, “Official federal voting system standards require audit logs to record all normal and abnormal events that occur on the system.”
And yet at that time Diebold had a system that did NOT do that deployed all across the US. Someone was deleting votes, and it wasn’t being logged.
Here’s lawmakers saying “should” do something, and an opaque reality where that didn’t happen. It was also running windows…
This is an attack vector. I prefer transparency. Open source would help.
And yet at that time Diebold had a system that did NOT do that deployed all across the US. Someone was deleting votes, and it wasn’t being logged.
Here’s lawmakers saying “should” do something, and an opaque reality where that didn’t happen. It was also running windows…
This is an attack vector. I prefer transparency. Open source would help.
> Open source would help.
How does open source help? If I place a device in front of you and tell you it's open source, there is no guarantee that it is running what you can download from github.
How does open source help? If I place a device in front of you and tell you it's open source, there is no guarantee that it is running what you can download from github.
> It was also running windows…
Nothing wrong with this choice. The rest of your point still stands though.
Nothing wrong with this choice. The rest of your point still stands though.
It’s just that windows is quite a bit more complex and vulnerable compared to much simpler and security focused OSs like a BSD back then or maybe Alpine Linux these days.
That's the point of the system I described. Vulnerabilities of the automated system don't matter. You verify the manual result and the digital result are the same.
The only output of the machine could be a bit of paper that you can view through a window and verify. Doesn't really matter if it's closed source.
So we don’t have to trust that the company wrote it correctly. https://www.wired.com/2009/08/diebold-audit-logs
Correct.
Not sure why you linked that?
Not sure why you linked that?
The issue is verification - how do you verify the elctronic count was accurate?
And if you're going to manually count it to verify the electronic count, then why have the electronic count in the first place?
A small, statistically representative sample of the paper ballots are counted by hand and compared against the electronic count. If discrepancy arises, a more thorough audit is performed.
Interesting, makes sense. Is this actually the recommended resolution process by the vendors as well or is this something that needs to be approved and adopted by each voting precinct?
Because the results can be statistically verified with sampling rather than a full manual recount?
Spot checks are good enough in such a case; if you manually count 1% of the votes and the margin of error is negligible, the electronic count is sound. If there's too many errors / differences, stop using the electronic counting and just count by hand.
I mean it's not exactly rocket science.
I mean it's not exactly rocket science.
Do a manual count for a random sample plus all tight races and in case of any suspicions or challenges.
This is what a lot of states get wrong, with the voting machine itself being the gateway to entering your vote and having it read. For the machines in my Georgia county, it prints a paper ballot that you drop it into a counting/scanner machine, but the issue is that the only thing on the paper is a QR code that is likely encrypted (nothing readable when scanned with a standard QR reader), so there really isn't a way to verify that the paper you got actually matched what you entered into the ballot machine.
The ideal system is: ballot machine entry -> prints paper ballot scantron style, so the only information the scanner will see is what you've verified is correct -> scanner reads it and enters it into their database while also saving the paper.
The ideal system is: ballot machine entry -> prints paper ballot scantron style, so the only information the scanner will see is what you've verified is correct -> scanner reads it and enters it into their database while also saving the paper.
This is how it works in India: Once we click the button for a candidate, There will be light highlighting the selection on the voting machine. A printer that is connected to the voting machine prints the voted candidate symbol (and name?) and shows us the printed paper through a glass for a few seconds for verification and then drops it in.
Later during the counting procedure, random ballots are counted for both. If someone arises some issues about the voting, those are then counted using printed ballot papers.
Later during the counting procedure, random ballots are counted for both. If someone arises some issues about the voting, those are then counted using printed ballot papers.
India is the only country doing electronic voting well that I'm aware of
Almost certainly the only one doing it well and at scale
Almost certainly the only one doing it well and at scale
I do not think so (my opinion, I may be wrong here).
Paper ballots (pen and paper) are susceptible to more rigging. Government officials can directly change the results by deliberately miscounting the results. It is seen in many countries where corruption is very high in the election commission. In these places, elected candidates, voters, 'pro-democracy' individuals advocate for electronic voting (Electronic Voting Machine, EVM.)
Recently, we saw the images and videos from the recent Belarus Lukashenk elections, where the officials just threw out paper ballots. In Pakistan, to curb voter fraud by paper ballots the previous Imran Khan (PTI) Government tried to install electronic voting equipments at locations particularly in rural areas where voter fraud was at a really high rate.
The ruling Government can use its state power to influence the outcome of elections. By pen and paper, the actual voting happens in a 'democratic way', but, the counting is left to individuals which will commit voter fraud.
Whereas, in electronic voting, 'Code Is Law, every single vote is counted properly. To curb the cons/disadvantages of electronic voting, which are
a.) The underlying code can be tweaked by the ruling government to give them an advantage in the counting.
b.) Voter fraud can be committed by abusing the actual hardware of the voting machine.
To solve this particular problem, the Election Commission of India (ECI) recently tried to bring some new changes. It majorly includes, having paper proof along with electronic proof called as VVPAT (Voter Verifiable Paper Audit Trail). The way it happens is:- When you cast your vote to a candidate 'C', the machine will print a slip with the proof of your vote to candiate 'C'.
So, if the opposition party alleges that voter fraud happened with the tampering of EVM, the election commission (or an independent third party, or the opposition candidate himself on his own) can then do a recount based on the VVPAT slips and cross-check the results per booth (per EVM).
Paper ballots (pen and paper) are susceptible to more rigging. Government officials can directly change the results by deliberately miscounting the results. It is seen in many countries where corruption is very high in the election commission. In these places, elected candidates, voters, 'pro-democracy' individuals advocate for electronic voting (Electronic Voting Machine, EVM.)
Recently, we saw the images and videos from the recent Belarus Lukashenk elections, where the officials just threw out paper ballots. In Pakistan, to curb voter fraud by paper ballots the previous Imran Khan (PTI) Government tried to install electronic voting equipments at locations particularly in rural areas where voter fraud was at a really high rate.
The ruling Government can use its state power to influence the outcome of elections. By pen and paper, the actual voting happens in a 'democratic way', but, the counting is left to individuals which will commit voter fraud.
Whereas, in electronic voting, 'Code Is Law, every single vote is counted properly. To curb the cons/disadvantages of electronic voting, which are
a.) The underlying code can be tweaked by the ruling government to give them an advantage in the counting.
b.) Voter fraud can be committed by abusing the actual hardware of the voting machine.
To solve this particular problem, the Election Commission of India (ECI) recently tried to bring some new changes. It majorly includes, having paper proof along with electronic proof called as VVPAT (Voter Verifiable Paper Audit Trail). The way it happens is:- When you cast your vote to a candidate 'C', the machine will print a slip with the proof of your vote to candiate 'C'.
So, if the opposition party alleges that voter fraud happened with the tampering of EVM, the election commission (or an independent third party, or the opposition candidate himself on his own) can then do a recount based on the VVPAT slips and cross-check the results per booth (per EVM).
> can directly change the results by deliberately miscounting the results
This is why in liberal democracies the process of casting and counting votes is usually done in the presence of at least representatives of the candidates running and more usually whoever wants to attend them
You'd need total complicity in every single polling station to cheat without raising alarms
In electronic/internet voting, unless there is a paper trail which can be counted in the same manner as manual voting, all you need is government officials to tweak the code/the hardware being used. Are you going to let every candidate audit every single machine independently? Unlikely since that is, in and of itself, a security risk
> where the officials just threw out paper ballots
And since they had to physically remove material evidence we were able to get videos of it happening. Plugging an USB while the machine is in the warehouse or in the middle of voting can be done a lot more discreetly
> counting is left to individuals which will commit voter fraud
Which is why counting is usually done with supervision
The system in India works, but it works because it reduces the entire process to a paper ballot. Ultimately the security guarantees of the Indian elections are identical to the security guarantees of the traditional paper ballot system
The digital component is limited to easing the logistics of getting the first results of the election in a timely manner
Which is about the extent to which you should trust electronic voting
This is why in liberal democracies the process of casting and counting votes is usually done in the presence of at least representatives of the candidates running and more usually whoever wants to attend them
You'd need total complicity in every single polling station to cheat without raising alarms
In electronic/internet voting, unless there is a paper trail which can be counted in the same manner as manual voting, all you need is government officials to tweak the code/the hardware being used. Are you going to let every candidate audit every single machine independently? Unlikely since that is, in and of itself, a security risk
> where the officials just threw out paper ballots
And since they had to physically remove material evidence we were able to get videos of it happening. Plugging an USB while the machine is in the warehouse or in the middle of voting can be done a lot more discreetly
> counting is left to individuals which will commit voter fraud
Which is why counting is usually done with supervision
The system in India works, but it works because it reduces the entire process to a paper ballot. Ultimately the security guarantees of the Indian elections are identical to the security guarantees of the traditional paper ballot system
The digital component is limited to easing the logistics of getting the first results of the election in a timely manner
Which is about the extent to which you should trust electronic voting
You pointed the problems out yourself, but the compromise india gives is severely misguided: It leaves the possibility of the paper ballots not being counted. If the paper ballots aren't counted, you open yourself up to the possibility of both a) and b). If the paper ballots are always counted, Tom Scott had the very nice quote "Congratulations, you just invented the world's most expensive pencil."
There is no better way of voting than physical paper, but the running government has to be both determined to allow democratic elections and enforce its monopoly on violence to protect the voters and ballots.
There is no better way of voting than physical paper, but the running government has to be both determined to allow democratic elections and enforce its monopoly on violence to protect the voters and ballots.
True, it can be costly, I agree with it. But there is no other way to have fair elections where everyone beleives that the election which happened was fair itself.
In paper ballot voting, the election commision is gonna count the paper ballots one by one. It is gonna cost money. The same amount of money will be for EVM+VVPAT. (less actually, as paper counting will be less and reserved for candidates who want a recount).
In paper ballot voting, the election commision is gonna count the paper ballots one by one. It is gonna cost money. The same amount of money will be for EVM+VVPAT. (less actually, as paper counting will be less and reserved for candidates who want a recount).
Does having a paper trail generated exactly after voting help? This is the system that's followed in India. I tried to think of ways it could fail but it seemed pretty fool proof as far as I can think. I'm pretty sure I might have missed some corner case
If you're going to have a paper trail for an electronic system, then why not just use the paper system?
It's like there's a pro-electronic movement that's looking for every excuse to move to electronic...
Ok, so we go electronic. We put in all these extra checks and balances to account for it's downsides. It runs well. People start questioning the need for the checks and balances, since it's so full-proof. So we remove the checks and balances. <anakin-fun-begins.gif> <shocked-pikachu.gif>
For the people that complain about the staffing requirements for a paper-based election: it's a feature, not a bug. The sheer number of people involved make it virtually impossible to rig an election.
It's like there's a pro-electronic movement that's looking for every excuse to move to electronic...
Ok, so we go electronic. We put in all these extra checks and balances to account for it's downsides. It runs well. People start questioning the need for the checks and balances, since it's so full-proof. So we remove the checks and balances. <anakin-fun-begins.gif> <shocked-pikachu.gif>
For the people that complain about the staffing requirements for a paper-based election: it's a feature, not a bug. The sheer number of people involved make it virtually impossible to rig an election.
In India at least there is a lot of votes to manually count. Electronic just makes things smoother. As for people questioning the need I didn't hear anyone raising the during the last election I followed. Besides I'm pretty sure either the election commission of India or the various opposition parties will point out the problems with having just electronic vote records. As far as electronic voting with paper trail goes I see it as just a normal paper based voting system with an automated counting system that can be easily verified
> "For the people that complain about the staffing requirements for a paper-based election: it's a feature, not a bug. The sheer number of people involved make it virtually impossible to rig an election."
There are two ways to rig an election. The first is miscounting or changing votes but I think the other is the real risk and likely dates to the very first time we as a species ever started having votes by anonymous ballot: ballot stuffing. If, at any time in counting process, an individual could successfully insert a single valid but fabricated ballot into the process, the entire system is vulnerable.
And the number of votes required to change elections tends to be shockingly low. In the 2020 election, more than 155 million people voted, but the outcome of the presidential election itself was decided by a total of less than 43,000 votes [1]. That's a margin of victory of 0.03%. So a system that was 99.9% accurate at ensuring that each ballot was completely legitimate would be insufficient.
[1] - https://townhall.com/tipsheet/mattvespa/2021/02/10/wapo-the-...
There are two ways to rig an election. The first is miscounting or changing votes but I think the other is the real risk and likely dates to the very first time we as a species ever started having votes by anonymous ballot: ballot stuffing. If, at any time in counting process, an individual could successfully insert a single valid but fabricated ballot into the process, the entire system is vulnerable.
And the number of votes required to change elections tends to be shockingly low. In the 2020 election, more than 155 million people voted, but the outcome of the presidential election itself was decided by a total of less than 43,000 votes [1]. That's a margin of victory of 0.03%. So a system that was 99.9% accurate at ensuring that each ballot was completely legitimate would be insufficient.
[1] - https://townhall.com/tipsheet/mattvespa/2021/02/10/wapo-the-...
Here in Australia, ballots are (initially) counted at the place they were cast. Every ballot issued has a corresponding (but unlinkable) person on the roll (electors are crossed off the roll prior to a ballot being issued). The count of names crossed corresponds to the number of ballots issued which will correspond to the number of ballots counted at the end of the day. Virtually impossible to "insert" a ballot as then your final count would exceed ballots issued.
As the count is completed at the polling place, of which there are multiple per electorate, the total number of votes is substantially lower than 43,000 even, and so the % accuracy is much higher. No publicised figure (that I know of) for how many "missing" ballots there can be before questions are raised, but I suspect its in the single digit range. Ballots are generally counted a couple of times but, even more if there's any ballots missing.
As the count is completed at the polling place, of which there are multiple per electorate, the total number of votes is substantially lower than 43,000 even, and so the % accuracy is much higher. No publicised figure (that I know of) for how many "missing" ballots there can be before questions are raised, but I suspect its in the single digit range. Ballots are generally counted a couple of times but, even more if there's any ballots missing.
> If, at any time in counting process, an individual could successfully insert a single valid but fabricated ballot into the process
This varies by jurisdiction obviously, but where I'm from the procedure for counting must be done in an area which the public can access and it begins with a single person taking ballots out of the box one by one and giving it to a chain of 2-3 other people.
This way you can count how many ballots were taken out of the box and check with the totals at the end
And obviously the box is always in the presence of observers from various stakeholders
> less than 43,000 votes
Unless you can predict where these tiny margins will manifest with perfect accuracy you'd need to add a lot more fake votes, or at least have thousands of conspirators ready to add them at a moment's notice, that's ridiculously hard to organize discreetly
This varies by jurisdiction obviously, but where I'm from the procedure for counting must be done in an area which the public can access and it begins with a single person taking ballots out of the box one by one and giving it to a chain of 2-3 other people.
This way you can count how many ballots were taken out of the box and check with the totals at the end
And obviously the box is always in the presence of observers from various stakeholders
> less than 43,000 votes
Unless you can predict where these tiny margins will manifest with perfect accuracy you'd need to add a lot more fake votes, or at least have thousands of conspirators ready to add them at a moment's notice, that's ridiculously hard to organize discreetly
I’d argue that gerrymandering is a far bigger issue than ballot stuffing. Its sole purpose is to ensure that elections go in favor of the party who draws the map. If that ain’t rigging an election, I don’t know what is.
I presume costs (wages vs computers) are a significant factor.
> then why not just use the paper system?
One reason is efficiency, if you have the machines counting you get results faster and then you can audit only a random sample of machines records and get statistical guarantees of the election integrity. (The machine can't know before that it will be audited so if you test thousands of machines and find no discrepancy it's highly unlikely a significant portion of the others did cheat)
A second is that it allows one more level of trust. With a paper ballot you have to trust that the poll workers are going to notice/stop/not help ballot stuffing etc. In most cases that's a good enough guarantee, but with voting machines you can also trust the people who programmed audited it
If the poll workers are trustworthy, because of the paper trail, you don't have to trust the auditers of the machines, but if you don't trust the poll workers then you can gain a modicum of trust from the auditers
https://www.brookings.edu/blog/techtank/2019/12/06/how-elect...
This link talks about the benefits in the indian election, specifically a software lock on the amount of votes per minute that can be cast
It also shows that in 2013 they audited "only" 20k machines out of almost millions yet found no discrepancy. Statistically that's probably good enough if the choice of machines audited was random
One last way it might be useful, though this is an abstract scenario, is if you want to deploy a more complicated to count voting system to large areas. In some voting systems counting can't be done in parallel, you need to do one round of counting, wait for everyone else and then do a second round and so on.
Similarly some voting systems might benefit from a digitized interface (for instance ballots in austria look like this: https://cdn1.vienna.at/2013/09/zettel.jpg and there are systems which would lead to even larger forms) which outputs a paper trail with only the actual information the voter inputed (in the case of the ballot I showed it'd pretty much just show a party name and a list of candidate names)
In these cases a machine outputting an auditable digital model of the votes cast would greatly simplify counting procedures. You could have every polling station just publish a signed file with the votes in their station and everyone could run the election algorithm
The votes can then be audited same as in the indian system
One reason is efficiency, if you have the machines counting you get results faster and then you can audit only a random sample of machines records and get statistical guarantees of the election integrity. (The machine can't know before that it will be audited so if you test thousands of machines and find no discrepancy it's highly unlikely a significant portion of the others did cheat)
A second is that it allows one more level of trust. With a paper ballot you have to trust that the poll workers are going to notice/stop/not help ballot stuffing etc. In most cases that's a good enough guarantee, but with voting machines you can also trust the people who programmed audited it
If the poll workers are trustworthy, because of the paper trail, you don't have to trust the auditers of the machines, but if you don't trust the poll workers then you can gain a modicum of trust from the auditers
https://www.brookings.edu/blog/techtank/2019/12/06/how-elect...
This link talks about the benefits in the indian election, specifically a software lock on the amount of votes per minute that can be cast
It also shows that in 2013 they audited "only" 20k machines out of almost millions yet found no discrepancy. Statistically that's probably good enough if the choice of machines audited was random
One last way it might be useful, though this is an abstract scenario, is if you want to deploy a more complicated to count voting system to large areas. In some voting systems counting can't be done in parallel, you need to do one round of counting, wait for everyone else and then do a second round and so on.
Similarly some voting systems might benefit from a digitized interface (for instance ballots in austria look like this: https://cdn1.vienna.at/2013/09/zettel.jpg and there are systems which would lead to even larger forms) which outputs a paper trail with only the actual information the voter inputed (in the case of the ballot I showed it'd pretty much just show a party name and a list of candidate names)
In these cases a machine outputting an auditable digital model of the votes cast would greatly simplify counting procedures. You could have every polling station just publish a signed file with the votes in their station and everyone could run the election algorithm
The votes can then be audited same as in the indian system
> The machine can't know before that it will be audited so if you test thousands of machines and find no discrepancy it's highly unlikely a significant portion of the others did cheat
> It also shows that in 2013 they audited "only" 20k machines out of almost millions yet found no discrepancy. Statistically that's probably good enough if the choice of machines audited was random
So how do you protect against the corrupt actor manipulating every machine except the percent that will be checked?
> With a paper ballot you have to trust that the poll workers are going to notice/stop/not help ballot stuffing etc
There's a simple and straight forward solution: Have people from opposing political parties count the vote and check each others result. If you have members of the far left, far right and everything in between sitting there, checking each others results, theres about a 0% chance any vote will be miscounted.
> In these cases a machine outputting an auditable digital model of the votes cast would greatly simplify counting procedures. You could have every polling station just publish a signed file with the votes in their station and everyone could run the election algorithm
There is no difference between a machine publishing the counted votes and the poll workers publishing the counted votes, is there?
> It also shows that in 2013 they audited "only" 20k machines out of almost millions yet found no discrepancy. Statistically that's probably good enough if the choice of machines audited was random
So how do you protect against the corrupt actor manipulating every machine except the percent that will be checked?
> With a paper ballot you have to trust that the poll workers are going to notice/stop/not help ballot stuffing etc
There's a simple and straight forward solution: Have people from opposing political parties count the vote and check each others result. If you have members of the far left, far right and everything in between sitting there, checking each others results, theres about a 0% chance any vote will be miscounted.
> In these cases a machine outputting an auditable digital model of the votes cast would greatly simplify counting procedures. You could have every polling station just publish a signed file with the votes in their station and everyone could run the election algorithm
There is no difference between a machine publishing the counted votes and the poll workers publishing the counted votes, is there?
> how do you protect against the corrupt actor manipulating every machine except the percent that will be checked?
According to this: https://timesofindia.indiatimes.com/india/count-vvpat-slips-...
India checks 5 machines randomly selected in each voting "segment", no clue what that is but it's smaller than a constituency so I guess it's a polling station
From what I understood that's done locally right away after polls close. So that means that you'd need a way for the conspirators to identify the non tampered machines and for them to randomly select exactly those machines and you'd need them to be present in almost all polling stations and no one to challenge the choice
At that point it's essentially the same level of trust needed for paper ballots
> Have people from opposing political parties count the vote and check each others result
Yeah, but apparently that particular attack vector was a problem in India and this feature helps mitigate it, electoral solutions need to account for the practical situation they're in. For instance I don't support any form of electronic voting machines in my polity because the electoral system works fine with paper ballots and there aren't issues of ballot stuffing
> There is no difference between a machine publishing the counted votes and the poll workers publishing the counted votes, is there?
Yeah, but I was talking, for lack of a better term, about non additive electoral systems, in which the information conveyed in multiple ballots cannot be easily compressed
For instance in the FPTP system you can compress all the information in a polling station by counting how many votes for X how many for Y etc. And you can simply add up these numbers to other stations
The complexity scales linearly with the number of candidates
In a system like, for instance, IRV, where the voter ranks the candidates and the rank is an important part of the ballot itself you can't easily transpose all this information into a single number
The most you could do is build a tree data structure where the first level nodes are the first preferences and each node points to other nodes based on the successive preferences.
In this case the complexity of the process is exponential/factorial because you need a field for every possible combination of preferences, including cases in which not all candidates are ranked
My point was that going from a ballot to that structure is probably more error prone and time consuming to do manually than having a machine do it and that could conceivably be a reasonable justification to use electronic voting machines
The auditing will still be time consuming but that's mitigated by the fact that you audit only a portion of voting machines
But to clarify, I'm of the opinion that paper ballots and manual counting are preferable in every electoral system used at the national level that I'm aware of
India's electronic system is just not worse than paper ballots, which for electronic voting systems is a huge success
According to this: https://timesofindia.indiatimes.com/india/count-vvpat-slips-...
India checks 5 machines randomly selected in each voting "segment", no clue what that is but it's smaller than a constituency so I guess it's a polling station
From what I understood that's done locally right away after polls close. So that means that you'd need a way for the conspirators to identify the non tampered machines and for them to randomly select exactly those machines and you'd need them to be present in almost all polling stations and no one to challenge the choice
At that point it's essentially the same level of trust needed for paper ballots
> Have people from opposing political parties count the vote and check each others result
Yeah, but apparently that particular attack vector was a problem in India and this feature helps mitigate it, electoral solutions need to account for the practical situation they're in. For instance I don't support any form of electronic voting machines in my polity because the electoral system works fine with paper ballots and there aren't issues of ballot stuffing
> There is no difference between a machine publishing the counted votes and the poll workers publishing the counted votes, is there?
Yeah, but I was talking, for lack of a better term, about non additive electoral systems, in which the information conveyed in multiple ballots cannot be easily compressed
For instance in the FPTP system you can compress all the information in a polling station by counting how many votes for X how many for Y etc. And you can simply add up these numbers to other stations
The complexity scales linearly with the number of candidates
In a system like, for instance, IRV, where the voter ranks the candidates and the rank is an important part of the ballot itself you can't easily transpose all this information into a single number
The most you could do is build a tree data structure where the first level nodes are the first preferences and each node points to other nodes based on the successive preferences.
In this case the complexity of the process is exponential/factorial because you need a field for every possible combination of preferences, including cases in which not all candidates are ranked
My point was that going from a ballot to that structure is probably more error prone and time consuming to do manually than having a machine do it and that could conceivably be a reasonable justification to use electronic voting machines
The auditing will still be time consuming but that's mitigated by the fact that you audit only a portion of voting machines
But to clarify, I'm of the opinion that paper ballots and manual counting are preferable in every electoral system used at the national level that I'm aware of
India's electronic system is just not worse than paper ballots, which for electronic voting systems is a huge success
I’ve always wondered they we’ll get the cyberpunk future we envisioned when people decide physical media is the sweet spot between paper/written representation and digital media. Like old cdrom style discs that can only possibly be write-once, and the provenance of the data on it depends on the physical presence of the media itself.
Not that I’m necessarily advocating for it. Just they seems like a plausible future.
Not that I’m necessarily advocating for it. Just they seems like a plausible future.
For voting integrity, the vote that is saved needs to be human-readable (the voter should be able to make sure that the digital part of the machine didn't change their vote), so digital storage is right out.
Plus, even with some absolutely secure digital voting system, there's no way you could explain it to most people. A huge advantage of paper voting is that everyone can understand it works and how it can be attacked.
Otherwise it's going to be even easier to claim the system is rigged or foreign hackers manipulated the vote or whatever, to undermine trust.
There’s actually a pretty interesting approach in which: voters can see that their vote counted, everyone can tally anonymous votes, and it is resistant to DoS https://people.csail.mit.edu/rivest/pubs/RR14b.pdf
Of course, the real problem would be explaining to the general population that this works. Great in theory, but will never pan out
Of course, the real problem would be explaining to the general population that this works. Great in theory, but will never pan out
If you can verify your vote, how do you stop threats or bribery being used to buy votes?
Show me your receipt saying you voted for Big Ron and I’ll give you a fiver and/or won’t hit you in the knees with a spanner.
Show me your receipt saying you voted for Big Ron and I’ll give you a fiver and/or won’t hit you in the knees with a spanner.
Big Ron can ask you to take a picture of the paper ballot as well, so regardless of mechanism you’re in a pretty sticky situation.
It’s not a perfect system, but I would personally find it comforting knowing that I could verify that my vote counted and that I could independently confirm the election results
Edit: haven’t read the paper in a while, but IIRC you can see that the vote counted without revealing details of who you voted for. They definitely would have covered this case
It’s not a perfect system, but I would personally find it comforting knowing that I could verify that my vote counted and that I could independently confirm the election results
Edit: haven’t read the paper in a while, but IIRC you can see that the vote counted without revealing details of who you voted for. They definitely would have covered this case
> Big Ron can ask you to take a picture of the paper ballot as well,
You can take a picture of a marked paper ballot, trade it in for a fresh one (original is destroyed) and mark the new one differently and turn it in.
A ballot picture doesn't prove the ballot was cast and counted, a receipt that identifies the voted candidate does.
You can take a picture of a marked paper ballot, trade it in for a fresh one (original is destroyed) and mark the new one differently and turn it in.
A ballot picture doesn't prove the ballot was cast and counted, a receipt that identifies the voted candidate does.
We would need some voting system where each person can verify that their vote was properly counted, something like this: secure end-to-end verifiable e-voting system
using zero knowledge based blockchain: https://eprint.iacr.org/2018/466.pdf
We should never consider any voting system that is not simple to the point of being almost-trivial. Anything even slightly more complex than necessary will lead to accusations of cheating which are enough to create massive instability - even when they are provably false. We see this even with the current election systems!
Since there's no simple way to explain 'blockchain' to non-tech people, any voting system using it is irrelevant - and will end up discarded like nearly all the other attempts invoking blockchain hype.
Since there's no simple way to explain 'blockchain' to non-tech people, any voting system using it is irrelevant - and will end up discarded like nearly all the other attempts invoking blockchain hype.
> Anything even slightly more complex than necessary will lead to accusations of cheating
The zero-knowledge proof avoids that...
Even with paper ballots, there's no way to verify that your vote was counted.... as far as I know
The zero-knowledge proof avoids that...
Even with paper ballots, there's no way to verify that your vote was counted.... as far as I know
The zero-knowledge proof avoids true accusations of a particular type of cheating. However, the biggest problem is humans, not machines. An election system must be ELI5able, or we can expect a fair amount of instability regardless of truth.
There are plenty of ELI5 explanations of zero-knowledge proofs
Yeah, not like there's any sort of transparent way to audit a public chain of data blocks representing votes associated with an anonymous certificates that would allow end users (verified with registration cards and authorized with their mobile device biometrics) to check their votes were recorded correctly and for 3rd parties to easily audit the vote totals.
That's a problem that hasn't been solved at all by the current applications of cryptography.
Even if my computer gets hacked, as long as I can trivially search my "confirmation id" from another device to ensure it's what I cast, I'm going to see if it was or wasn't tampered with.
Having public records of votes on a per vote basis with multiple layers of cryptographic signatures at each stage of processing them would be a world of improvement over the current system, both client side and server side attacks considered.
That's a problem that hasn't been solved at all by the current applications of cryptography.
Even if my computer gets hacked, as long as I can trivially search my "confirmation id" from another device to ensure it's what I cast, I'm going to see if it was or wasn't tampered with.
Having public records of votes on a per vote basis with multiple layers of cryptographic signatures at each stage of processing them would be a world of improvement over the current system, both client side and server side attacks considered.
Being able to easily validate what individual people voted for is exactly the opposite of what you want in a voting system, as it make vote buying/selling trivial. I suggest looking into the huge list of previous electoral fraud for all the different kind of attacks that need to be defended against: https://en.wikipedia.org/wiki/Electoral_fraud
Voter coercion and retaliation for voting 'the wrong way' is probably even more important than vote buying/selling.
A key feature of a secret ballot is that it must remove the ability for anyone to verify how you voted even with your cooperation (no matter if willing, coerced or bought) - you must have plausible deniability i.e. any reasonable "demonstration" to others how you voted must be possible even if you actually voted differently.
A key feature of a secret ballot is that it must remove the ability for anyone to verify how you voted even with your cooperation (no matter if willing, coerced or bought) - you must have plausible deniability i.e. any reasonable "demonstration" to others how you voted must be possible even if you actually voted differently.
This argument never really made sense to me, because it's already completely undermined by mail in voting in which you can not only sell your vote but even have the guy you sold it to turn it in for you so he can be 100% certain he's getting what he wanted. You can even give him a 'blank check' by filling out your personal data/signature, and leave the vote slots blank for him.
And for context on the scale of this, in the 2020 election there were 65,642,049 mail-in-votes cast. And the outcome of the presidential election was decided by 42,921 votes. [1]
[1] - https://www.cfr.org/blog/2020-election-numbers
And for context on the scale of this, in the 2020 election there were 65,642,049 mail-in-votes cast. And the outcome of the presidential election was decided by 42,921 votes. [1]
[1] - https://www.cfr.org/blog/2020-election-numbers
> it's already completely undermined by mail in voting
This keeps coming up but is not generally true. See my comment from another thread [0]:
I don't know how it's done in the USA, but in Germany voting by post has to be carried out before the day of the election. The actual postal votes are stored and only opened on the day of the election. After somebody send in their postal vote they can go to the public voting office and declare to invalidate their postal vote. The people counting the postal votes will get a list with invalidated votes and remove these envelopes before the votes are opened. The person who invalidated can then either do another postal vote or vote at the ballot box.
So in Germany postal voting is secured against selling votes.
[0] https://news.ycombinator.com/item?id=30843447
This keeps coming up but is not generally true. See my comment from another thread [0]:
I don't know how it's done in the USA, but in Germany voting by post has to be carried out before the day of the election. The actual postal votes are stored and only opened on the day of the election. After somebody send in their postal vote they can go to the public voting office and declare to invalidate their postal vote. The people counting the postal votes will get a list with invalidated votes and remove these envelopes before the votes are opened. The person who invalidated can then either do another postal vote or vote at the ballot box.
So in Germany postal voting is secured against selling votes.
[0] https://news.ycombinator.com/item?id=30843447
> already completely undermined by mail in voting
Which is why mail in voting is a bad idea
Just because bad things are happening doesn't mean people need to like more bad things being made easier to achieve
Which is why mail in voting is a bad idea
Just because bad things are happening doesn't mean people need to like more bad things being made easier to achieve
> verified with registration cards and authorized with their mobile device biometrics
What does "verified" even mean here? At the end of the day, you need to convert it to some cryptographic key, and then that key is vulnerable to attack: either it's kept in the voting machine, in which case the machines themselves are a single point of failure, or else it's given to voters, in which case their insecure phones, computers, etc are easily compromised to get the keys.
Checking your votes doesn't help: a significant number of people do not vote. An attacker can submit votes on behalf of those people using their keys and noone will know, and even if you find someone who claimed that they didn't vote, how would you ever prove it either way?
The advantage of a physical system is that there is no single point of failure: changing the overall election result requires a physical presence at multiple polling locations. All electronic voting solutions are intrinsically worse in that respect.
What does "verified" even mean here? At the end of the day, you need to convert it to some cryptographic key, and then that key is vulnerable to attack: either it's kept in the voting machine, in which case the machines themselves are a single point of failure, or else it's given to voters, in which case their insecure phones, computers, etc are easily compromised to get the keys.
Checking your votes doesn't help: a significant number of people do not vote. An attacker can submit votes on behalf of those people using their keys and noone will know, and even if you find someone who claimed that they didn't vote, how would you ever prove it either way?
The advantage of a physical system is that there is no single point of failure: changing the overall election result requires a physical presence at multiple polling locations. All electronic voting solutions are intrinsically worse in that respect.
these hacks can influence politicians after they've been voted in. If anything direct rigging of a vote is more transparent : people can notice if the vote goes against common sense.
And what were GCHQ, MI6 and NCSC doing to protect our prime-minister
at this time?
We have a problem in democratic nations. I've written about it here [1]. Bruce Schneier has also addressed it in his own way.
Our lack of any framework for civic cybersecurity is a disgrace. People in future ages will look back on our time as a wild-west.
A solution can only come from a ground-up awareness through education.
[1] http://www.icicte.org/assets/icicte2019_5.4_farnell.pdf
We have a problem in democratic nations. I've written about it here [1]. Bruce Schneier has also addressed it in his own way.
Our lack of any framework for civic cybersecurity is a disgrace. People in future ages will look back on our time as a wild-west.
A solution can only come from a ground-up awareness through education.
[1] http://www.icicte.org/assets/icicte2019_5.4_farnell.pdf
The Johnson government has been widely but toothlessly criticized for using WhatsApp on personal devices to conduct affairs of state (and deleting messages, failing to hand over messages to investigations, etc.). My personal opinion is that they don't care too much about this type of thing (being hacked by UAE, etc.), and are preoccupied with more selfish matters. It can be quite profitable to be the butler to Gulf, Russian, and UK billionaires.
I do think secret services did more damage than good with their forward surveillance of citizens, which basically was wild west surveillance initiated by states. The lost trust cannot be repaid for decades, maybe even centuries. It basically voided the significance of huge parts of constitutions of many countries that explicitly forbid such actions. This is beyond political realities of realpolitik where the justification was an alleged immediate threat of terrorism.
And that is an overall problem. The fears decide the action. So improving security is becoming dangerous, because parents or teachers just putting their children into a cage of complete surveillance is the most probable outcome. Because the ambition is to get more control. But that doesn't provide much security at all and creates even far greater threats than the "wild west" free open net ever posed in the past.
And that is an overall problem. The fears decide the action. So improving security is becoming dangerous, because parents or teachers just putting their children into a cage of complete surveillance is the most probable outcome. Because the ambition is to get more control. But that doesn't provide much security at all and creates even far greater threats than the "wild west" free open net ever posed in the past.
>And what were GCHQ, MI6 and NCSC doing to protect our prime-minister at this time?
Preparing an advertising campaign against E2E encryption: https://www.engadget.com/the-uk-government-is-reportedly-pla...
Preparing an advertising campaign against E2E encryption: https://www.engadget.com/the-uk-government-is-reportedly-pla...
> And what were GCHQ, MI6 and NCSC doing to protect our prime-minister at this time?
Nobody is perfect - but there are people who blatantly ignore ITSEC best practices and are therefore almost unprotectable.
Nobody is perfect - but there are people who blatantly ignore ITSEC best practices and are therefore almost unprotectable.
> Nobody is perfect - but there are people who blatantly ignore ITSEC
best practices and are therefore almost unprotectable.
I hear you, but I would contest that they're not at liberty to ignore them. If pizza delivery drivers consent to obligations to carry issued and configured devices while on duty by what exceptionalism is Downing Street excused?
Secondly, I'd say that they may make themselves unprotectable, but that is not where their duty of care ends. Boris Johnson is not only responsible for his own security, but that of a nation. Insofar as the spooks are responsible for Boris (god help them) their pants are round their ankles again.
I hear you, but I would contest that they're not at liberty to ignore them. If pizza delivery drivers consent to obligations to carry issued and configured devices while on duty by what exceptionalism is Downing Street excused?
Secondly, I'd say that they may make themselves unprotectable, but that is not where their duty of care ends. Boris Johnson is not only responsible for his own security, but that of a nation. Insofar as the spooks are responsible for Boris (god help them) their pants are round their ankles again.
I don't think you really want a world where the security services can overrule the elected government, rather than the other way round.
However, I'm not one to defend either MI5 or Johnson here. MI5 routinely surveil anyone to the left of the Tory party as being some kind of dissident. The Johnson government is notorious for ignoring any kind of rules, restraint, or best practice. If they had something to say about it, they should have done so in public like the rest of us, once privately recommending had failed.
However, I'm not one to defend either MI5 or Johnson here. MI5 routinely surveil anyone to the left of the Tory party as being some kind of dissident. The Johnson government is notorious for ignoring any kind of rules, restraint, or best practice. If they had something to say about it, they should have done so in public like the rest of us, once privately recommending had failed.
> I don't think you really want a world where the security services
can overrule the elected government, rather than the other way round.
Well said, and excellent point. But I would like to live in a world where security services could professionally, and in good faith, advise other public servants, who would professionally, and in good faith heed that advice. As I understand it that fits the actual job description for all parties.
A world in which public servants are adversaries, in which intra- and inter-institutional trust has totally broken down seems to be the fruits of the misadventure, over-reach and disrespect for the Rule of Law in all quarters.
Well said, and excellent point. But I would like to live in a world where security services could professionally, and in good faith, advise other public servants, who would professionally, and in good faith heed that advice. As I understand it that fits the actual job description for all parties.
A world in which public servants are adversaries, in which intra- and inter-institutional trust has totally broken down seems to be the fruits of the misadventure, over-reach and disrespect for the Rule of Law in all quarters.
Well, yes. But we're not dealing with public servants in the Cabinet, we're dealing with inept looters who are being propped up by the conservative press.
> Nobody is perfect - but there are people who blatantly ignore ITSEC best practices and are therefore almost unprotectable
This is tangential to this story however. Even people who follow best practices can get owned when ex-Mossad/8200 agents armed with dozens of zero days and millions of dollars come after them.
This is tangential to this story however. Even people who follow best practices can get owned when ex-Mossad/8200 agents armed with dozens of zero days and millions of dollars come after them.
Could these agencies enumerate some phone models / sw versions that are vulnerable to Pegasus and just blast email the govt folks "if you got one of these it's vulnerable, upgrade to new hardware or software { list of phones without known vulnerabilities here }"?
Well, what if the lists got leaked, and the secret services no longer can spy on the electorate with these tools? /s
'solution can only come from a ground-up awareness through education'
Average consumer cannot be responsible for security. Not because they are uneducated but becauae corporations have physicall talen away control from us.
You have no control over software running on your router supplied by the internet company, wifi printer, smart toaster, tesla or what crapware is preinstalled on your phone (often you can't even update it)
So since they took away control, they shoupd be held financially accountable
Average consumer cannot be responsible for security. Not because they are uneducated but becauae corporations have physicall talen away control from us.
You have no control over software running on your router supplied by the internet company, wifi printer, smart toaster, tesla or what crapware is preinstalled on your phone (often you can't even update it)
So since they took away control, they shoupd be held financially accountable
> because corporations have physically taken away control from us.
The solution of ground-up awareness and education I am suggesting involves making sure people understand they must take that back. The tag-line for the final chapter of my book is "Taking back tech" [1]
> You have no control over software....
Well, actually you do, but it is insufficient, and moreover others have control over it which they should not. Legislation can fix this, but legislation requires an educated user base first. Many folks don't know how they are being abused, or even that they are being abused. This is the project of a new digital literacy.
Digital literacy 1.0 was about "the amazing things computers can do" Digital literacy 2.0 is about "the dangerous things computers shouldn't do"
> So since they took away control, they should be held financially accountable
I don't think money is a factor in this. The questions revolve around fundamental rights, responsibilities, ownership and control, One cannot buy or sell such obligations.
[1] https://digitalvegan.net
The solution of ground-up awareness and education I am suggesting involves making sure people understand they must take that back. The tag-line for the final chapter of my book is "Taking back tech" [1]
> You have no control over software....
Well, actually you do, but it is insufficient, and moreover others have control over it which they should not. Legislation can fix this, but legislation requires an educated user base first. Many folks don't know how they are being abused, or even that they are being abused. This is the project of a new digital literacy.
Digital literacy 1.0 was about "the amazing things computers can do" Digital literacy 2.0 is about "the dangerous things computers shouldn't do"
> So since they took away control, they should be held financially accountable
I don't think money is a factor in this. The questions revolve around fundamental rights, responsibilities, ownership and control, One cannot buy or sell such obligations.
[1] https://digitalvegan.net
>And what were GCHQ, MI6 and NCSC doing to protect our prime-minister at this time?
Laughing their tits off?
Laughing their tits off?
>Bruce Schneier has also addressed it in his own way.
very interesting, can you link to it? tia!
very interesting, can you link to it? tia!
Sure I guess this one [1] is fairly typical of Bruce's psoition. He
identifes as (coined the phrase?) working as a "public interest
technologist". He mentions this throughout his writing. I took to
using the term "civic cybersecurity" and "digital self defence" after
about 2014. I think we're on the same page, loosely.
[1] https://www.schneier.com/essays/archives/2019/02/public-inte...
[1] https://www.schneier.com/essays/archives/2019/02/public-inte...
There is a point being totally missed in this thread and that is the UK government basically ignore all security common sense and do absolutely incomprehensible things like discuss national security over WhatsApp and Zoom, as a British citizen, in my eyes this absolutely amounts to treason as they're knowingly potentially giving away state secrets, anyone else would be instantly jailed.
UK government and any departments discussing sensitive matters (or everyone, really) should not be using a) off the shelf phones, and b) should not be using public communications networks full stop, nevermind foreign communication platforms.
UK government and any departments discussing sensitive matters (or everyone, really) should not be using a) off the shelf phones, and b) should not be using public communications networks full stop, nevermind foreign communication platforms.
The problem isn't a technological one arguably though, and that's why all purely technical solutions are probably doomed to failure.
A huge part of the reason senior government figures around the world often choose to use WhatsApp or Zoom is to avoid or reduce exposure to the statutory recording requirements using the "official" comms channel would entail. The UK in particular has had serious chilling effects on government due to the fear that email or official communications will later embarrass you following publication under Freedom Of Information laws. This isn't a hypothetical - FoI journalism is a real thing in the UK and a source of a huge number of stories that can embarrass the Government of the day.
As long as the official channels are subject to strong public disclosure laws that allow the media relatively easy access to many government communications, politicians will seek devices that allow them to communicate "privately" even if that means adopting less secure devices and services. The "threat" they see is FoI/embarrassment in press a lot of the time, not the State level Cyber attacker.
I'm not defending this practice, but I can understand why it happens. I've even seen NHS employees (state employed drs in the UK health service) avoid saying things in meetings for fear of the later FoI reveal if the meeting minutes are published.
A huge part of the reason senior government figures around the world often choose to use WhatsApp or Zoom is to avoid or reduce exposure to the statutory recording requirements using the "official" comms channel would entail. The UK in particular has had serious chilling effects on government due to the fear that email or official communications will later embarrass you following publication under Freedom Of Information laws. This isn't a hypothetical - FoI journalism is a real thing in the UK and a source of a huge number of stories that can embarrass the Government of the day.
As long as the official channels are subject to strong public disclosure laws that allow the media relatively easy access to many government communications, politicians will seek devices that allow them to communicate "privately" even if that means adopting less secure devices and services. The "threat" they see is FoI/embarrassment in press a lot of the time, not the State level Cyber attacker.
I'm not defending this practice, but I can understand why it happens. I've even seen NHS employees (state employed drs in the UK health service) avoid saying things in meetings for fear of the later FoI reveal if the meeting minutes are published.
I used to think that is an issue with old non-technical generation and therefore it is argument for new blood. But.. new blood is about as careless about sharing all sorts of information online as old blood. I don't know if there is a solution to this. I am starting to wonder if it is one of those 'best not to think about it' things.
It's the same problem as the lack of widespread technical comprehension in the general public.
New blood politicians may know more about tech, phones and services from a _user_ perspective, but most of them are still politicians, not engineers - and just like the vast majority of the general public, will mostly not appreciate the implications of any details bellow the surface of modern technology. What we think of as common sense are based on principles in this domain that is invisible to most people.
There is no simple solution to this. For government specifically, perhaps a new specialised division that dictates policy for technology use throughout the government (I say new because I would not be surprised if some antiquated and dysfunctional version of this already exists).
New blood politicians may know more about tech, phones and services from a _user_ perspective, but most of them are still politicians, not engineers - and just like the vast majority of the general public, will mostly not appreciate the implications of any details bellow the surface of modern technology. What we think of as common sense are based on principles in this domain that is invisible to most people.
There is no simple solution to this. For government specifically, perhaps a new specialised division that dictates policy for technology use throughout the government (I say new because I would not be surprised if some antiquated and dysfunctional version of this already exists).
NCSC are supposed to be doing this, but they're genuinely clueless and just like doing PR.
I also don't think it's reasonable to say it's lack of awareness, the same people wouldn't give the launch codes to a 3rd party, it doesn't require any technical clue to apply this.
I also don't think it's reasonable to say it's lack of awareness, the same people wouldn't give the launch codes to a 3rd party, it doesn't require any technical clue to apply this.
[deleted]
The UK government hates its own country and people, why would they bother with something so trivial as national security. That would be like a serial killer worrying about infection whilst dismembering their victim.
[deleted]
I'm curious about the threat modelling of those high level officials. With all these hacking going on, if feels like it's not been a consideration.
Pegasus claims iOS and Android hacking capabilities, one would expect more specialised communications being used at that level. Car companies provide specialised vehicles for governmental use, I would have expected to see specialised iOS or Android devices at least. Nothing completely out of this world but with special software configurations and features to detect and prevent attacks.
Pegasus claims iOS and Android hacking capabilities, one would expect more specialised communications being used at that level. Car companies provide specialised vehicles for governmental use, I would have expected to see specialised iOS or Android devices at least. Nothing completely out of this world but with special software configurations and features to detect and prevent attacks.
>with special software configurations and features to detect and prevent attacks
I could imagine a special build of the OS where everything was compiled with Address Sanitizer. You'd take a bit on performance and battery, but, tradeoffs.
I could imagine a special build of the OS where everything was compiled with Address Sanitizer. You'd take a bit on performance and battery, but, tradeoffs.
I'm pretty sure its just accepted it is government by WhatsApp groups.
;) always a scandal. When Dems do it.. Politicians of both parties routinely use apps like wickr and signal. often illegally not following records keeping laws.
I know obama had a special blackberry made so he could use email on mobile.
I'd be surprised if the federal government hasn't created a mobile version of SIPRNet yet?
I work in politics (low level compared to these elected s). most of the committees use signal + email 2fa or similar now. But that does nothing against sate sponsored hackers with 0 days. Maybe rotating burner phones and chat platforms would work better, but probably not worth it for the vast majority unless doing something sketchy.
I know obama had a special blackberry made so he could use email on mobile.
I'd be surprised if the federal government hasn't created a mobile version of SIPRNet yet?
I work in politics (low level compared to these elected s). most of the committees use signal + email 2fa or similar now. But that does nothing against sate sponsored hackers with 0 days. Maybe rotating burner phones and chat platforms would work better, but probably not worth it for the vast majority unless doing something sketchy.
I would guess the best approach is to try to have as small an attack surface as possible, meaning as few applications etc, and the simplest possible operating system.
Like for example a minimalist build of the PinePhone with software that literally never updates unless there is a security issue. Maybe something like a stripped down Slackware, or I was gonna say OpenBSD where even the proprietary hardware drivers are re-written to be open source (and free), but I guess for the PinePhone, the hardware is already open anyways.
edit: A stripped down Slackware I should say
Like for example a minimalist build of the PinePhone with software that literally never updates unless there is a security issue. Maybe something like a stripped down Slackware, or I was gonna say OpenBSD where even the proprietary hardware drivers are re-written to be open source (and free), but I guess for the PinePhone, the hardware is already open anyways.
edit: A stripped down Slackware I should say
My headcanon at this point is that the spymasters know about the security binary[0], and have decided that the threat of going dark is worse than the threat of getting pwned with their own NOBUS[1] exploits. Better to have everyone be vulnerable.
I do know at one point Apple had special Korean iPhone SKUs with no physical camera installed, I have no clue if those are still being made. Samsung probably did the same thing. The problem is that, aside from just removing hardware, there's no particular special software configuration that you can do to make the device more secure. Every good idea out there is either already being done on the consumer versions of these devices, or is an optional feature you can already enable on a stock device with MDM software. The security on phones is already pretty good, albeit at the cost of freedom for enthusiasts and tinkerers.
[0] Binary as in gender, not as in untrusted.
[1] US intelligence term that stands for "NObody But US" and is equivalent to "0day".
I do know at one point Apple had special Korean iPhone SKUs with no physical camera installed, I have no clue if those are still being made. Samsung probably did the same thing. The problem is that, aside from just removing hardware, there's no particular special software configuration that you can do to make the device more secure. Every good idea out there is either already being done on the consumer versions of these devices, or is an optional feature you can already enable on a stock device with MDM software. The security on phones is already pretty good, albeit at the cost of freedom for enthusiasts and tinkerers.
[0] Binary as in gender, not as in untrusted.
[1] US intelligence term that stands for "NObody But US" and is equivalent to "0day".
Perhaps they hacked honeypot devices and were thus fed disinformation. UKG has mounted such operations (some with high level of sophistication) since 1945 at least.
Time to revamp the black berry.
The RCMP had access to all the encryption keys for the blackberry messaging back end :). They could basically access any message that was sent through RIM servers, and used that access pretty often (sometimes at the request of foreign governments).
Well, they certainly won’t do it again! Therefore, this should be ignored and not logically used to infer that governments spy on citizens!
I don’t feel sorry for them. They are hard at work building a surveillance state and (attempting to) ban end-to-end encryption.
I actually see this as a good thing. Getting a taste of their own medicine.
I actually see this as a good thing. Getting a taste of their own medicine.
Im a brit, Im not tech expert but I work adjacent to tech. I feel some what smug over this:
* If you have nothing to hide, you have nothing to fear is official policy
* We aggressively use "tools" like this both domestically and abroad, both for military/intel and for law enforcement with basically no oversight
* Our government are basically technic-illiterate. And proud of that in many cases.
So this is a train wreck of their own making.
The only thing making me sad is that it will have zero effect.
* If you have nothing to hide, you have nothing to fear is official policy
* We aggressively use "tools" like this both domestically and abroad, both for military/intel and for law enforcement with basically no oversight
* Our government are basically technic-illiterate. And proud of that in many cases.
So this is a train wreck of their own making.
The only thing making me sad is that it will have zero effect.
Obviously this news is a bit embarrassing for both the UAE and the UK, but if the UK's response isn't to press the UAE for a reciprocal no-hacking treaty, then presumably the UK is trying to keep its options open. Unless I'm mistaken, the UK isn't surprised that it doesn't have any treaties with the UAE prohibiting this sort of thing... live by the hack, die by the hack.
UK has been through a period of getting very cosy with the Qataris, which began during the Cameron era and has since (I believe) cooled a bit.
For anyone interested in the topic of Pegasus and NSO, there is a great New Yorker piece about them from yesterday.
https://www.newyorker.com/magazine/2022/04/25/how-democracie...
https://www.newyorker.com/magazine/2022/04/25/how-democracie...
As appalling as this intrusion is, I can't help but feel there is some measure of propriety that it should be done to a nation taking advantage of its impressive technological legacy to eavesdrop on most transatlantic communications, and scheming and hacking to subvert the communication infrastructure of friendly countries.
Not that "what goes around comes around" is going to fix anything in this regard...
History has shown that those willing to exploit the existing technologies weaknesses profit in wartime. Israel and the US are two great examples
Can’t phone vendors have people pose as a client to NSO to get access to the latest RCE and patch it?
In general, no.
Two aspects. The first is client vetting - such organizations (I have in mind a particular organization that's not NSO but also has products which rely on RCEs) simply don't sell at all to random companies - I'm not sure if they sell to companies at all as all the published cases have been from the government sector, but in any case they already know all the potential clients they might have, it's not like there are many of them in the world. And it's not trivial for Apple to falsely pose as, for example, the intelligence agency of Bolivia in a way that's not easily discovered. Also, in the specific case of NSO, every new client will likely require approval from Israel government for the 'arms' export license, and is likely to be vetted by Israeli intelligence agencies which are considered to be quite competent.
The second aspect is that such organizations generally are very wary of actually giving access to RCEs themselves - in many cases they will sell access to the use of RCEs, where the buyer won't get the ability to get the exploit but rather the seller will run the exploit themselves. Of course there are exceptions, but any less trustworthy clients (e.g. if selling to some USA local law enforcement which realistically aren't as secure as FBI) simply won't get the opportunity to compromise the 'goose that lays golden eggs'.
Two aspects. The first is client vetting - such organizations (I have in mind a particular organization that's not NSO but also has products which rely on RCEs) simply don't sell at all to random companies - I'm not sure if they sell to companies at all as all the published cases have been from the government sector, but in any case they already know all the potential clients they might have, it's not like there are many of them in the world. And it's not trivial for Apple to falsely pose as, for example, the intelligence agency of Bolivia in a way that's not easily discovered. Also, in the specific case of NSO, every new client will likely require approval from Israel government for the 'arms' export license, and is likely to be vetted by Israeli intelligence agencies which are considered to be quite competent.
The second aspect is that such organizations generally are very wary of actually giving access to RCEs themselves - in many cases they will sell access to the use of RCEs, where the buyer won't get the ability to get the exploit but rather the seller will run the exploit themselves. Of course there are exceptions, but any less trustworthy clients (e.g. if selling to some USA local law enforcement which realistically aren't as secure as FBI) simply won't get the opportunity to compromise the 'goose that lays golden eggs'.
re your second point: you don’t need access to the RCE itself, you could say I want to hack XXX phone number where XXX is a honeypot and try to reverse engineer it from there.
There are others who would know more about this than I do, but a few reasons come to mind:
1. NSO almost certainly has more than one exploit chain at a time. While this would burn one of their exploits, it wouldn’t put them out of business or eliminate the ability for them to get RCE on phones in general.
2. Vendors already have bug bounty programs with established award ceilings. These exploits are almost always far more valuable than the vendor is willing to pay via their bug bounty program. Why would the vendor pay more in this instance?
3. Given (1), how long would this go on for? NSO—who is aware of how many exploit chains they have—likely wouldn’t sell all of their exploits to a single buyer and risk them all getting burned.
TL;DR: It wouldn’t be practical.
1. NSO almost certainly has more than one exploit chain at a time. While this would burn one of their exploits, it wouldn’t put them out of business or eliminate the ability for them to get RCE on phones in general.
2. Vendors already have bug bounty programs with established award ceilings. These exploits are almost always far more valuable than the vendor is willing to pay via their bug bounty program. Why would the vendor pay more in this instance?
3. Given (1), how long would this go on for? NSO—who is aware of how many exploit chains they have—likely wouldn’t sell all of their exploits to a single buyer and risk them all getting burned.
TL;DR: It wouldn’t be practical.
Vendors may be more incentivised to intentionally kill the Pegasus business model, which would have immeasurable PR value if executed well.
Then another one pops up. Fact is, the market is there. It's not too dissimilar how after the silk road was taken down 10 others came up in its place.
Markets for exploits are unfortunately here to stay.
Markets for exploits are unfortunately here to stay.
The models are different. Silk Road has millions of sellers and millions of buyers; Pegasus has a very small set of both, who would be more difficult to connect with. It probably won’t kill it, but will create a harder to leverage profit model
Do you think the phone vendors have better intelligence apparatus' than NSO, or that NSO doesn't vet the background of who they sell to, given it requires cabinet approval?
UAE hacks UK give officials using Israeli cyberterrorism software and there are no consequences?
I'm sure Abraham would be proud to have had his name attached to essentially a weapons contract masquerading as a peace deal between two evil governments.
I'm sure Abraham would be proud to have had his name attached to essentially a weapons contract masquerading as a peace deal between two evil governments.
The question is then what phone exists that is immune from this? A flip phone? A Nokia 1011? I might be completely misinformed but seems like SIM card and the underlying OS is vector. What happens if I use a cell phone from late 90s and early 2000s? What is there to hack with those flip phones? JavaME over the wire? What if the cell phone dates even further?
Legitimately curious what options is there. Could If you are someone of interest then it seems like having a smartphone is an automatic liability. What then solution is possible since sending and reading a simple text message is enough to escalate privilege?
Legitimately curious what options is there. Could If you are someone of interest then it seems like having a smartphone is an automatic liability. What then solution is possible since sending and reading a simple text message is enough to escalate privilege?
No technology is entirely secure today, we haven't built it in a provably secure way
The most secure today is probably a Pixel 6 running a secure messaging app with a limited attack surface, no image support, no emoji, etc. Removing all the standard apps including the browser and Webview engine would significantly help.
If you could switch an iPhone into a secure mode which removed large chunks of messaging functionality then it would be the preferred option.
The most secure today is probably a Pixel 6 running a secure messaging app with a limited attack surface, no image support, no emoji, etc. Removing all the standard apps including the browser and Webview engine would significantly help.
If you could switch an iPhone into a secure mode which removed large chunks of messaging functionality then it would be the preferred option.
I would be shocked if people couldn't find an RCE in an early 2000s flip phone. I had a friend who had hers since 2010 and MMS crashed it all the time.
If you're talking about flip phones and trying to protect against an eavesdropper of a phone call or SMS, then there's no point. The network that these phones used is full of holes already https://en.wikipedia.org/wiki/Signalling_System_No._7#Protoc...
Attack surface reduction is the important part. I’m not in disagreement with what you said, but if you took a modern iPhone and removed all capabilities other than sending and receiving phone calls, it would be much more secure than one which supports mms, email, browsing, etc.
Are you sure having a phone in your phone is a good idea? Phone calls are a significant source of attacks now, even if none of those attacks exploit a vulnerability in the phone software. As far as I'm concerned, the only point in having a dial-able phone number is to ensure I'm still eligible for car warranty scams and 2FA code harvesting attacks.
You’re right, my point was surface reduction, not that one tech is more or less vulnerable than others
Print from your phone to a piece of paper. Then use RFC 1149 (https://datatracker.ietf.org/doc/html/rfc1149)-- IP over carrier pigeon. And then use one time pads on each end.
thank you for posting this, made my day.
I'm still cracking up over:
> A typical MTU is 256 milligrams
I'm still cracking up over:
> A typical MTU is 256 milligrams
Probably PGP encryption / authentication using files on an SD card with a computer separated from internet is your best bet for secure communication. An ,,easier to use’’ version can use a firewall that only allows the PGP emails through, at least in that case the firewall can be made simple and secure.
GNU/Linux phones are immune to this (or at least they make it easy to fix bugs and separate the modem from the OS): Librem 5 and Pinephone.
Tin foil chat!
https://github.com/maqp/tfc
https://github.com/maqp/tfc
Was it the phone provided and secured by the government or the off the books phone they have WhatsApp groups on?
If it’s the first then security services have a problem. If it’s the second then those individuals have a problem.
If it’s the first then security services have a problem. If it’s the second then those individuals have a problem.
They do government business through those secret WhatsApp phones too. AFAIK the only government business we know about are the Covid contracts, but it could be anything. We know they have no kind of archival and have claimed phones are lost/replaced when they're required to provide messages, eg: https://www.theguardian.com/politics/2021/aug/04/covid-contr...
So malware has finally crossed the electronic-human barrier. Wow.
I wonder what about the third world countries with weak cyber policies.
[deleted]
The patch for Pegasus has been out since September 2021.
No wonder Boris can't stop horsing around
Like, yeah, blame the UAE mostly for this but let's also have a discussion about why this was sold to anyone who would pay with no oversight at all. Western countries need to do better.