> Ciro Pellegrino, who heads the Naples newsroom of an investigative news outlet called Fanpage.it, received a notice on April 29 that his iPhone had been targeted. Last year, Fanpage secretly infiltrated the youth wing of Meloni’s Brothers of Italy party and filmed some of them making fascist and racist remarks.
It's never a good look going after journalists, but this seems especially petty.
Yes but one would have to exploit a similar vulnerability as was exploited in this story. Apple would patch it as soon as it became popular because it could be used for an attack like this one.
How does the exploit work, though? The article does some real handwaving around "now the device is yours and now it's not". They don't need to go too deep but isn't anyone reading that far into the article going to be curious?
There is now a rich history in outsourcing activities that would otherwise be illegal to other countries where it is legal. For example, the CIA's extreme rendition [1], knowingly sending prisoners to countries to be tortured and/or executed. This is how such countries make themselves useful to American empire.
Likewise, restrictions on the NSA spying on American citizens, for example, are bypassed by outsourcing that spying to, say, other Five Eyes countries.
Israel's role in this hacking phones of politicians, dissidents and now journalists on the behalf of the US and its allies, including Saudi Arabia [2].
The Israeli company NSO Group was sued by WhatsApp for their use of Pegasus [3], something Israel tried to intervene to block [4].
I honestly don't know how people work on things like Pegasus knowing it's being used to target and kill journalists and politicians.
Chomsky has supported "anti-imperialist" russia and ignored all warnings by the eastern European people, who dared to walk out on socialism in a freedom movement. Blood on the hands, blood on the quill, blood in the will..
>“We’ve seen first-hand how commercial spyware can be weaponized to target journalists and civil society, and these companies must be held accountable,” a spokesperson for WhatsApp told AP in an email.
Is it just me or is this statement written in a way that implies they think spying on people is acceptable just not in this specific circumstance?
Stuff like this will just keep happening unless a major jurisdiction goes after these digital mercinaries. The fact that we ignore all laws for no reason other than "our agencies really like spying on people" is laughable. Literally crime as a service, sanctioned by most governments. Should not be surprising that such criminal organizations use their tools to spy on people who don't deserve it.
Ignore all laws?? EU has officially recognized the utility of these criminal agencies. Of course under the all-time-classic umbrella of "legitimate use for law enforcement" which in common means "go ahead and use it freely, if you get caught we'll give you a slap on the wrist"
waay down, near the end of the article: "Paragon referred questions to a statement it gave to Israeli newspaper Haaretz, in which the company said that it stopped providing spyware to Italy after the government declined its offer to help investigate Cancellato’s case. "
This is my irritating reminder that there is a whole marketplace of implant/CNE products, most of which you have never heard of, produced in basically every jurisdiction in the world.
It used to be NSO Group that got all the press, now it's Paragon, and I think it's all for the good that the spotlight gets shone on these companies, but do keep in mind that this is not an "Israeli" phenomenon. There are American companies selling tooling that is more effective than "Graphite"; they're just more careful about publicity. Wherever it is you live that you feel is morally superior to America and Israel on commercialized CNE, you're likely to end up surprised.
The issue isn't the mere existence of spyware companies globally. The issue is that Israeli companies in particular have cornered the market on selling to the world's worst human rights abusers, with catastrophic consequences.
Let's be specific: NSO Group sold Pegasus to Saudi Arabia, who used it to track Jamal Khashoggi's inner circle before his assassination. They sold to Mexico, where it was used to target journalists' families within days of their murders. To Rwanda, to hunt dissidents abroad after imprisoning their family. The list goes on.
This isn't cherry-picking. When Citizen Lab analyzes global sypware operations, Israeli companies dominate: NSO, Candiru, Paragon, QuaDream, and arguably Cytrox (Macedonian, but Israeli leadership and investors). The common thread? Former Unit 8200 personnel, who've turned state cyber-warfare capabilities into a business model explicitly built on selling to authoritarians.
Your "but everyone does it" framing fundamentally misrepresents the issue. Yes, other countries have surveillance companies. But there's a massive difference between developing capabilities and systematically selling them to regimes that murder journalists. WHen was the last time a German or French company's tools were found on a murdered journalist's or imprisoned political dissident's phone?
The data shows Israeli companies don't just happen to have "bad PR" (or uniquely terrible luck in choosing their clients) - they actively court authoritarian clients because that's where the money is if you have no morals.
For some context: Israel has a population of less than 10 Million - less than 0.1% of the world's population. If you have a persuasive argument for why Israeli spyware is routinely found by organizations like Citizen Lab, why their products seem so uniquely popular and successful with fascists and authoritarians, I'd love to hear it. Because from where I'm standing, the clear and obvious explanation is that there is a deep, systemic issue in the Israeli private intelligence and cybersecurity sector that is entirely unconcerned with how their tools will be used, or by whom, as long as the money's right. All enabled by the Israeli authorities, who need to approve of these exports.
You're right that spyware companies exist elsewhere. But when researchers keep finding the same tiny country's products in the phones of murdered journalists and jailed activists, dismissing scrutiny as bias is itself a bias. The question isn't why Israeli companies get attention - it's why they keep selling to regimes that use their tools to crush dissent, and worse.
> Wherever it is you live that you feel is morally superior to America and Israel on commercialized CNE
It's not the tech (or lack of it) that makes me feel morally superior. It's the choice to use that tech to defend literal facists that I would find embarassing.
Exactly. As somebody with a past in security, I've often thought about the ethics of my actions. Where is the ethics of government?
If you think that sounds naive, I think you get my point. Those in power can not show worse ethics and morals than those they rule, at least not if you want to uphold the illusion of democracy and its values.
how come each time researchers find a new spyware, it's always an Israeli shop behind it ? maybe because Israel has developed an ecosystem and an industry around spying. I think it's evil to try to deflect the blame from israel given the fact it's currently committing genocide in Palestine
Based on what you're saying, I think I know more about this market than you do. I'm comfortable with who does and does not take me seriously. For those people who do: this "Israel" stuff is not useful for understanding what's happening in the world with respect to CNE tools.
They have more experience with such things - all the expertise concentrated there. It's the same reason all the megasocialtech web apps come from Silicon Valley.
Why was it leaked, by whom and why now? That all victims of paragon were notified by whatsApp or Apple is highly unlikely IMO. Or at least less likely than the possibility of Israeli circles or paragon itself being the origin of the leak.
Split up your information so a compromise of any one system does not compromise everything you are working on. For instance, storing contact information on a source on a separate device from any/all information provided by that source. If system A is compromised, they know you contact someone at 123-456-7890 but know not much else. If system B is compromised, they know someone is providing information on corruption within Wakanda’s government, but have no identifying information.
Trying to get into multiple systems and corollate/reconstruct information is much more difficult, time consuming, and likely to be much less complete. If a state actor has decided to stop at nothing to get you, it probably wont help, but if you are just someone that could end up on someone’s list, it will likely help.
Phone 1 - with sim and is exploited, no data or apps.
Phone 2 - different OS, no sim, uses portable hotspot from phone 1 and has all the apps and data.
Per the article there isn't actually any hard evidence that Italy was spying on this journalist. In fact the relevant Italian parliamentary oversight committee (COPASIR) investigated and said while there were activists surveilled by Italy, legally and with government authorization, a journalist (Cancellato) specifically was not.
Oh, the irony of the person shrieking about a headline being clickbait, when, had the information been included in title, they'd be shrieking that the title was clickbait for including poorly supported information.
However at the same time Paragon offered the Italian Intelligence a way to determine whether their software was used against the journalist, but they rejected the offer and that feels very suspicious.
Headlines are written by the publisher not the author. They’re written to maximize readership. The fact that spying happened in italy by italians is mostly only interesting to italians. The fact that the US backs an israeli company that sells spying tools is interesting to many more people. You can see the selling clicks, but because they’re not twisting the truth or saying something misleading - in this case I mostly see getting info to the people who care about it.
However, the fact that companies sell offensive cyber warfare software to governments is not new, and that specific company isn't either.
There's also nothing inherently wrong with selling intelligence tools to a western government, Italy is not Iran or Zambia. And fighting terror or crime using software is valid. The only thing that surprises me is that a western government might attack journalists, and what I'd like to know from this article was what was their motivation
TFA says that this story is relevant for USA because there exists an executive order which "prohibits federal government departments and agencies from acquiring commercial spyware that has been misused by foreign governments" and at this moment there are contracts between Paragon and DHS and other US government institutions.
So, in theory, these contracts with Paragon should be canceled, unless Trump decides to repeal that executive order, because it is a remnant of the previous administration.
(1) Headlines are necessarily lossy due to the limited character count.
(2) It says US-backed, which suggests to me that US investors helped fund it.
(3) It says Israeli tech, which rhymes with 2 previous spyware companies which have been torn to shreds in the public media and US courts for their lack of controls/oversight of how their customers used their software (violating the spyware vendor’s policies, the Israeli government export license, and the ToS of the software the spyware software exploited).
(4) the US-backed + “targeted a journalist” combined is an attack on the foundation of US as a country (on the assumption that the journalist wasn’t engaging in something like terrorism).
I’m bored by people who attack headlines. We all know that they aren’t accurate and can’t be 100% descriptive. And it’s not even clear that you could be appeased by any other formulation of the headline.
I don't understand what's the difference if Italy develops its own or buys it from somewhere else.
Comparably, phone tapping equipment is being sold world wide for almost a century and is used similarly
The fact that some countries that gets these tools starts listening to journalists is concerning, but at least I want to believe it happens less in functioning countries
But I don't see any issue with taking remote control of a drug dealer, terrorist or mafia phone
> The misuse of such tools outweighs the legitimate use cases, so people want to know who is so reckless to sell these programs
Do you have any evidence of this?
Cause my guess is the misuse is the stuff you hear about because it eventually makes the news. But the thousands or millions of legitimate use cases in which it prevented terror attacks or just, y'know, helped solved crimes, are just routine and don't get a mention.
Goodness me where oh where could that anti US bias come from? Couldn't be the illegal bombing of Cambodia and Laos during the Vietnam War, couldn't be arming the Guatamalans who carried out the silent Holocaust, couldn't be arming the Turks while they were slaughtering Kurds, couldn't be the illegal invasion of Iraq, killing up to a million people, and torturing others without due process, ultimately leading to violent blowback from Islamic extremists in Europe in the form of terrorist attacks. Couldn't be providing billions of dollars in weapons for Israel to carry out its genocide, likely leading to even more blowback across the globe. No, surely it's because they're _ungrateful_.
Ensuring peace by violently crushing social democratic organizing and unions is like ensuring a fun time by beating anyone who complains.
It’s not an anti-US bias to hold the US accountable for their actions. Funding a for-profit spyware company that’ll sell to anyone, including italian fascists, is bad. The US should be held accountable for that.
Attacking countries because of non existent WMDs, torturing people in black sites, sanctioning investigators of the ICC, spying on all internet traffic, enforcing their sanctions on third parties.
I think their are reasons for that anti-US bias.
And if the US ensured freedom it was because it benefited them.
If war would habe been the better option they would habe ensured that.
Your comment is extremely disingenuous. Much of the world, including Europe, has become dramatically more unsettled and dangerous as a direct consequence of US foreign policies and military adventures over the last quarter-century. Do you expect to be thanked?
People want the US to ensure peace. The problem is that the US has in recent months turned away from that and is instead promoting unrest, both home and abroad.
I mean, in a broad sense this is true. But do you really think Sam Altman wouldn’t be in the news if he wasn’t Jewish? What about SBF? Or go back further, do you think people know about Einstein or Karl Marx only because they were Jewish?
Like it or not, Jews have been involved at a high level in a lot of pivotal developments in the west.
North Korean and Chinese hackers are soundly shunned but for some reason it's always a "company" from a pariah country like Apartheid Israel that are able to sell their software weapons to indiscriminately target any civilian from any country.
Israel is both a close U.S. ally and a pariah state in the eyes of much of the international community due to its policies toward Palestinians, creating cognitive dissonance for those who support democratic values yet continue to justify or overlook actions widely seen as violations of human rights.
Just a small part of the biggest spy network ever invented, which is woven into practically all software and tech infrastructure we use in the West and backed by large corporations with ties to that small country.
Western state agencies and mid-tier bootleg spyware vendors are neutral at best and antagonists overall. At best, bootleg spyware vendors drop exploits which agencies can reverse and use for their own purposes. But in general, these vendors bring unwanted attention and burn exploits which the state agencies would like to use. These are not part of a global conspiracy, they are competing groups with the same goals.
8200 and Mossad are both the best, baddest, most wide reaching network that can kill any muslim err terrorist that challenges Israel. But also they are just wittle guys that are in a small country that can't be powerful cause they are so small right guys?
Didn't you know you also have space lasers? Anyone can be instantly vaporized at any point on Earth.
A joke from 1930's Nazi Germany:
"Two Jews are sitting on a bench in Nazi Germany. One of them is reading the local Yiddish newspaper. The other is reading Der Sturmer, a Nazi propaganda paper. The former says to the latter, “Why on earth would you read that antisemitic drek?” The other replies, “Well, when I read the local paper, we are a poor and battered people who suffer in ghettos, pogroms, and all manner of tragedies. But when I read Der Sturmer, we run the banks, the governments, the whole world – life is great!” "
I got a feeling things are going to get really ugly soon, dejavu germany in 1930 but with more powerful propaganda tools.
To give more context copy pasting my comment from a similar thread
I would like to add that Paragon disagrees with COPASIR: (article in italian) https://www.fanpage.it/politica/paragon-smentisce-il-copasir...
They offered to give some information about who was surveilled by whom, but not surprisingly the Italian government refused (it was used by 2 secret service agencies in italy). At this point, Paragon stopped giving its access to Italian agencies (spying on journalists is forbidden by Paragon'S tos). COPASIR say they are the ones who stopped the commercial relationships though, so it is clear as water that at least one party isn't telling the truth
Could also be that both are being untruthful. Lincoln let us know a long time ago, there are times when "both may be, but one must be". Personally, I think there may even be times when both parties are being truthful. ie - you're being played by a third party.
I'd imagine this is the sort of fallout when things go sideways and there is not the requisite level of trust on both sides to definitively run down root causes.
They both may have simply cut each other off. Since there is no definitive way of knowing the other side is being truthful.
> -The bald eagle that is also the only country in history to have nuked two civilian cities.
It was this or invade which would have easily resulted in more casualties. Pretending the US just nuked them when the other option was nothing is childish.
> - Its best friend, the country that's commiting a genocide in 2025 and that you cannot criticize.
Ongoing wars in 2025 and casualty numbers according to Grok:
>It was this or invade which would have easily resulted in more casualties.
There was no need to invade: as long as the naval blockade continued, Japan wouldn't get enough fossil fuels and other resources to threaten anyone. They probably would've been lucky to avoid mass starvation.
--and Washington knew that when it decided to nuke Hiroshima and Nagasaki, but it also knew that the Soviets wanted invade Northern Japan: Stalin had already "offered to help out" in this way.
Israel-Palestine war stats is really off, because the Palestinian officials also include natural deaths in those stats (8,000 per year in Gaza). So the total is more like 40,000-50,000, and most are combatants.
Your numbers ignore the distinction between combatants and civilians killed. It also does not include those who are killed as a by product of the war. The number you mentioned is how many Israel directly killed. This ignores:
* People who died out of starvation (especially kids and newborns) due to Israel's blockade
* People who died due to lack of medicine due to Israel's blockade
* People who died to the worsening hygienic environment
The estimate we have from research in Lancet go just shy of 200,000 people dead [1]. Note that this was their estimate almost a year ago. Since then many more deaths took place.
And in short, whether you want to admit it's a genocide or not, no one can deny it's a one of the greatest tragedies of the century, and that Israel must be held accountable. Enough is enough.
You are missing that facts are not universally known, and it is normal and good for news organizations to provide ongoing coverage of stories their readers might care about. Many people who read this article will have never heard of governments spying on domestic journalists, or Italy doing that, or the type of software used, or the US funding that software, or some combination of these things.
It's a good point! There is a good reason for the article. I just don't love the implications of the headline because software being used does not mean it's being used as intended or with the blessing of those countries. This headline could be any number of companies and organizations - including most major tech companies.
I do wonder with all the criticisms and faults EU and West points out in other parts of the world, this one country gets a complete pass that overrides and contradicts every single value that they supposedly stand for at the risk of appearing like they have no value or morals.
The rest of the world is getting tired of this double standard. It's justified when we do it and it's a crime if others do it. It's no wonder the youth and global opinions have turned sour.
Not really a rationale, but many people go like this:
(1) Israel with US, so against Israeli military = against US = you bad!
(2) Israel = Jewish, so if you against Israel then you = anti-semite! = you bad!
(3) Oh, you positive about enemy of Israel, so you against Israel, so you bad!
All of which are, of course, utter nonsense. And of course it cannot be said in a public forum, without people becoming fearful, because the truth has been said. Cannot possibly discuss this! And in case you do manage to state it somewhere, Bots might flag or downvote you into oblivion. That, or people with no clue what's going on in the world and weird misplaced feelings of allegiance.
This type of comment I find very peculiar, it attempts to normalize the intimidation and censorship of truths when we know that isn't the consensus nor desired.
Overall, very disappointing to come on HN and find any thread critical of this one country results in mass flagging, censorship and hasbara EVERY SINGLE TIME
> , it attempts to normalize the intimidation and censorship of truths
Very muddying statement. The normalization of intimidation and censorship has already happened by those in power, a comment can only acknowledge the reality of it.
> when we know that isn't the consensus nor desired.
by who? Crearly a lot of very powerful people desire it very very much.
Oh look Apple devices were hacked again. Security through obscurity isnt really working out. Their big cash apparently isnt enough.
I have sensitive data on my phone that I must carry around, and there is no way I'd ever keep it on an iphone. 'Pegasus' was the moment corporations and governments should have banned iphones for their terrible security.
Closed source doesn't imply security through obscurity. Any operating system, closed or open, can be vulnerable. iOS is a big, relevant target, and obviously a lack of publicity/quantity of commercial exploits against AOSP and Desktop Linux doesn't necessarily mean good security.
Humans invented computers, which are capable of nearly-perfect security, but we have to make do with barely-working security, because we can't stop spying on each other.
> Ciro Pellegrino, who heads the Naples newsroom of an investigative news outlet called Fanpage.it, received a notice on April 29 that his iPhone had been targeted. Last year, Fanpage secretly infiltrated the youth wing of Meloni’s Brothers of Italy party and filmed some of them making fascist and racist remarks.
It's never a good look going after journalists, but this seems especially petty.
Attending a political party's events and reporting what they say and do is petty?
Deploying spyware against journalists in retaliation for their exposing racism in the governing party's youth wing is petty.
1 reply →
People talk about Japan but if there is one country that has never distanced itself from their role in WW2 it's Italy.
Ofcourse they get away with it because literally nobody has ever taken Italy seriously in centuries.
Color me surprised that neo nazi's in Israel would be in league with neo nazi's in Italy.
> Graphite allows the operator to covertly access applications, including encrypted messengers like Signal and WhatsApp
That's pretty obvious. Signal doesn't protect you against full device compromise. Any app can trivially extract your signal conversations
> Any app can trivially extract your signal conversations
There is a security model baked in to the mobile OS that usually does not allow that.
Yes, and it can be subverted when the mobile OS is compromised.
1 reply →
I don't think that's obvious for non-techies
In that case, can Signal users take advantage of this to export their own messages?
Yes but one would have to exploit a similar vulnerability as was exploited in this story. Apple would patch it as soon as it became popular because it could be used for an attack like this one.
Same as happened in greece a few years back against the leader of opposition and journalists using Predator
How does the exploit work, though? The article does some real handwaving around "now the device is yours and now it's not". They don't need to go too deep but isn't anyone reading that far into the article going to be curious?
You're not gonna find technical details in an AP article of all places.
You will find it in CitizenLab's report: https://citizenlab.ca/2025/06/first-forensic-confirmation-of...
There isn’t much technical details there either. They list the servers it connected to and log entry but that’s it.
It mentions a CVE number but the apple link is generic and mo details on the CVE database.
Has this even been fixed by apple?
4 replies →
There is now a rich history in outsourcing activities that would otherwise be illegal to other countries where it is legal. For example, the CIA's extreme rendition [1], knowingly sending prisoners to countries to be tortured and/or executed. This is how such countries make themselves useful to American empire.
Likewise, restrictions on the NSA spying on American citizens, for example, are bypassed by outsourcing that spying to, say, other Five Eyes countries.
Israel's role in this hacking phones of politicians, dissidents and now journalists on the behalf of the US and its allies, including Saudi Arabia [2].
The Israeli company NSO Group was sued by WhatsApp for their use of Pegasus [3], something Israel tried to intervene to block [4].
I honestly don't know how people work on things like Pegasus knowing it's being used to target and kill journalists and politicians.
[1]: https://www.pbs.org/frontlineworld/stories/rendition701/upda...
[2]: https://www.nytimes.com/2021/07/17/world/middleeast/israel-s...
[3]: https://www.bbc.com/news/articles/c77n76kzmz4o
[4]: https://www.amnesty.org/en/latest/news/2024/07/israels-attem...
Chomsky described these countries as "mercenary states". One of his books, Understanding Power, dives into the topic quite a bit.
[dead]
Chomsky has supported "anti-imperialist" russia and ignored all warnings by the eastern European people, who dared to walk out on socialism in a freedom movement. Blood on the hands, blood on the quill, blood in the will..
4 replies →
"I honestly don't know how people work on things like Pegasus knowing it's being used to target and kill journalists and politicians."
You can make many people do pretty much anything under orders, and even more by rewarding them.
"I was just putting food on the table for my family..."
https://en.m.wikipedia.org/wiki/Milgram_experiment
FYI Milgram is one of the many popular examples of fake science, wiki link has some critical review links
1 reply →
Auschwitz wasn't in Germany.
and? was build by german in german occupied Poland
1 reply →
>I honestly don't know how people work on things like Pegasus knowing it's being used to target and kill journalists and politicians.
Is that all it's being used for? I can easily see situations where its use is saving lives, in which case it would be easy to justify working on.
> I honestly don't know how people work on things like Pegasus knowing it's being used to target and kill journalists and politicians.
Sorry, but it looks like you simply don't know people.
Source: https://citizenlab.ca/2025/06/first-forensic-confirmation-of...
>“We’ve seen first-hand how commercial spyware can be weaponized to target journalists and civil society, and these companies must be held accountable,” a spokesperson for WhatsApp told AP in an email.
Is it just me or is this statement written in a way that implies they think spying on people is acceptable just not in this specific circumstance?
Stuff like this will just keep happening unless a major jurisdiction goes after these digital mercinaries. The fact that we ignore all laws for no reason other than "our agencies really like spying on people" is laughable. Literally crime as a service, sanctioned by most governments. Should not be surprising that such criminal organizations use their tools to spy on people who don't deserve it.
There is a higher chance that vendors take OS development more seriously when it comes to security...
Ignore all laws?? EU has officially recognized the utility of these criminal agencies. Of course under the all-time-classic umbrella of "legitimate use for law enforcement" which in common means "go ahead and use it freely, if you get caught we'll give you a slap on the wrist"
waay down, near the end of the article: "Paragon referred questions to a statement it gave to Israeli newspaper Haaretz, in which the company said that it stopped providing spyware to Italy after the government declined its offer to help investigate Cancellato’s case. "
This is my irritating reminder that there is a whole marketplace of implant/CNE products, most of which you have never heard of, produced in basically every jurisdiction in the world.
It used to be NSO Group that got all the press, now it's Paragon, and I think it's all for the good that the spotlight gets shone on these companies, but do keep in mind that this is not an "Israeli" phenomenon. There are American companies selling tooling that is more effective than "Graphite"; they're just more careful about publicity. Wherever it is you live that you feel is morally superior to America and Israel on commercialized CNE, you're likely to end up surprised.
The issue isn't the mere existence of spyware companies globally. The issue is that Israeli companies in particular have cornered the market on selling to the world's worst human rights abusers, with catastrophic consequences.
Let's be specific: NSO Group sold Pegasus to Saudi Arabia, who used it to track Jamal Khashoggi's inner circle before his assassination. They sold to Mexico, where it was used to target journalists' families within days of their murders. To Rwanda, to hunt dissidents abroad after imprisoning their family. The list goes on.
This isn't cherry-picking. When Citizen Lab analyzes global sypware operations, Israeli companies dominate: NSO, Candiru, Paragon, QuaDream, and arguably Cytrox (Macedonian, but Israeli leadership and investors). The common thread? Former Unit 8200 personnel, who've turned state cyber-warfare capabilities into a business model explicitly built on selling to authoritarians.
Your "but everyone does it" framing fundamentally misrepresents the issue. Yes, other countries have surveillance companies. But there's a massive difference between developing capabilities and systematically selling them to regimes that murder journalists. WHen was the last time a German or French company's tools were found on a murdered journalist's or imprisoned political dissident's phone?
The data shows Israeli companies don't just happen to have "bad PR" (or uniquely terrible luck in choosing their clients) - they actively court authoritarian clients because that's where the money is if you have no morals.
For some context: Israel has a population of less than 10 Million - less than 0.1% of the world's population. If you have a persuasive argument for why Israeli spyware is routinely found by organizations like Citizen Lab, why their products seem so uniquely popular and successful with fascists and authoritarians, I'd love to hear it. Because from where I'm standing, the clear and obvious explanation is that there is a deep, systemic issue in the Israeli private intelligence and cybersecurity sector that is entirely unconcerned with how their tools will be used, or by whom, as long as the money's right. All enabled by the Israeli authorities, who need to approve of these exports.
You're right that spyware companies exist elsewhere. But when researchers keep finding the same tiny country's products in the phones of murdered journalists and jailed activists, dismissing scrutiny as bias is itself a bias. The question isn't why Israeli companies get attention - it's why they keep selling to regimes that use their tools to crush dissent, and worse.
The only reason you're making a big deal about NSO Group is that you've heard of them.
I wonder how they find extremely talented exploit developers. The exploits they produce probably takes years to develop at minimum
2 replies →
[dead]
> Wherever it is you live that you feel is morally superior to America and Israel on commercialized CNE
It's not the tech (or lack of it) that makes me feel morally superior. It's the choice to use that tech to defend literal facists that I would find embarassing.
Exactly. As somebody with a past in security, I've often thought about the ethics of my actions. Where is the ethics of government?
If you think that sounds naive, I think you get my point. Those in power can not show worse ethics and morals than those they rule, at least not if you want to uphold the illusion of democracy and its values.
1 reply →
how come each time researchers find a new spyware, it's always an Israeli shop behind it ? maybe because Israel has developed an ecosystem and an industry around spying. I think it's evil to try to deflect the blame from israel given the fact it's currently committing genocide in Palestine
Based on what you're saying, I think I know more about this market than you do. I'm comfortable with who does and does not take me seriously. For those people who do: this "Israel" stuff is not useful for understanding what's happening in the world with respect to CNE tools.
6 replies →
because all of this private company linked to the former elite cyber unit that israel army has
its not surprising since israel intelligence unit one of the best in the world
I imagine most of the time it would be pretty hard to attribute which company and from which country the spyware comes from.
I'm always amazed we know the origin of these sorts of things as much as we do.
They have more experience with such things - all the expertise concentrated there. It's the same reason all the megasocialtech web apps come from Silicon Valley.
[flagged]
> You are being willfully naive (at best)
Please edit swipes out of comments on HN.
Why was it leaked, by whom and why now? That all victims of paragon were notified by whatsApp or Apple is highly unlikely IMO. Or at least less likely than the possibility of Israeli circles or paragon itself being the origin of the leak.
I feel like anyone serious about doing actual journalism needs to start with a decent Cyber Security 101 course. Does anyone know of one?
I mean what can you feasibly do against these zero-click exploits? There's only really two things you can do:
1. keep your phone's identifiers secret, as they must target the devices in some way (like phone number/email/whatever)
or
2. don't own a phone
Split up your information so a compromise of any one system does not compromise everything you are working on. For instance, storing contact information on a source on a separate device from any/all information provided by that source. If system A is compromised, they know you contact someone at 123-456-7890 but know not much else. If system B is compromised, they know someone is providing information on corruption within Wakanda’s government, but have no identifying information.
Trying to get into multiple systems and corollate/reconstruct information is much more difficult, time consuming, and likely to be much less complete. If a state actor has decided to stop at nothing to get you, it probably wont help, but if you are just someone that could end up on someone’s list, it will likely help.
> 2. don't own a phone
Honestly I don't think this is going to protect you if you are being targeted. We've already seen what can happen with pagers
2 replies →
I'm curious to know how many successfully targeted individuals were using features like Apple's Lockdown Mode.
Own two phones?
Phone 1 - with sim and is exploited, no data or apps. Phone 2 - different OS, no sim, uses portable hotspot from phone 1 and has all the apps and data.
1 reply →
https://freedom.press/digisec/blog/journalists-digital-secur...
https://securityplanner.consumerreports.org/statements/
It's amazing that US and Israel are the only countries mentioned in the headline
While the story itself is about Italy spying on a journalist in another EU country
But I guess news sites needs them clicks
Per the article there isn't actually any hard evidence that Italy was spying on this journalist. In fact the relevant Italian parliamentary oversight committee (COPASIR) investigated and said while there were activists surveilled by Italy, legally and with government authorization, a journalist (Cancellato) specifically was not.
Oh, the irony of the person shrieking about a headline being clickbait, when, had the information been included in title, they'd be shrieking that the title was clickbait for including poorly supported information.
[flagged]
2 replies →
However at the same time Paragon offered the Italian Intelligence a way to determine whether their software was used against the journalist, but they rejected the offer and that feels very suspicious.
1 reply →
Headlines are written by the publisher not the author. They’re written to maximize readership. The fact that spying happened in italy by italians is mostly only interesting to italians. The fact that the US backs an israeli company that sells spying tools is interesting to many more people. You can see the selling clicks, but because they’re not twisting the truth or saying something misleading - in this case I mostly see getting info to the people who care about it.
However, the fact that companies sell offensive cyber warfare software to governments is not new, and that specific company isn't either.
There's also nothing inherently wrong with selling intelligence tools to a western government, Italy is not Iran or Zambia. And fighting terror or crime using software is valid. The only thing that surprises me is that a western government might attack journalists, and what I'd like to know from this article was what was their motivation
124 replies →
> They’re written to maximize readership.
And to shape narrative!
TFA says that this story is relevant for USA because there exists an executive order which "prohibits federal government departments and agencies from acquiring commercial spyware that has been misused by foreign governments" and at this moment there are contracts between Paragon and DHS and other US government institutions.
So, in theory, these contracts with Paragon should be canceled, unless Trump decides to repeal that executive order, because it is a remnant of the previous administration.
It's the AP. It's writing is not to 'maximize readership'. It is pushing an agenda to a select audience.
1 reply →
It's like producing weapons versus using them. Just instead of "weapons" we have "spyware tools".
(1) Headlines are necessarily lossy due to the limited character count.
(2) It says US-backed, which suggests to me that US investors helped fund it.
(3) It says Israeli tech, which rhymes with 2 previous spyware companies which have been torn to shreds in the public media and US courts for their lack of controls/oversight of how their customers used their software (violating the spyware vendor’s policies, the Israeli government export license, and the ToS of the software the spyware software exploited).
(4) the US-backed + “targeted a journalist” combined is an attack on the foundation of US as a country (on the assumption that the journalist wasn’t engaging in something like terrorism).
I’m bored by people who attack headlines. We all know that they aren’t accurate and can’t be 100% descriptive. And it’s not even clear that you could be appeased by any other formulation of the headline.
When you hear an art piece was stolen from a museum, do you ever hear about the buyer?
No, you hear about where it was, who stole it and where it was found.
Are arms dealers immune from responsibility, in your view?
The article itself contains a lot of text about the company. There isn’t much about Italy.
Most of the time the country of the creator is named if it’s about spyware.
The misuse of such tools outweighs the legitimate use cases, so people want to know who is so reckless to sell these programs
I don't understand what's the difference if Italy develops its own or buys it from somewhere else.
Comparably, phone tapping equipment is being sold world wide for almost a century and is used similarly
The fact that some countries that gets these tools starts listening to journalists is concerning, but at least I want to believe it happens less in functioning countries
But I don't see any issue with taking remote control of a drug dealer, terrorist or mafia phone
3 replies →
> The misuse of such tools outweighs the legitimate use cases, so people want to know who is so reckless to sell these programs
Do you have any evidence of this?
Cause my guess is the misuse is the stuff you hear about because it eventually makes the news. But the thousands or millions of legitimate use cases in which it prevented terror attacks or just, y'know, helped solved crimes, are just routine and don't get a mention.
4 replies →
[dead]
Or agenda.. Who knows?!
[dead]
[dead]
[flagged]
The ADL has a HN account?
[flagged]
2 replies →
[flagged]
the current regime has shown hostility to keeping europe peaceful, what do you want?
9 replies →
Goodness me where oh where could that anti US bias come from? Couldn't be the illegal bombing of Cambodia and Laos during the Vietnam War, couldn't be arming the Guatamalans who carried out the silent Holocaust, couldn't be arming the Turks while they were slaughtering Kurds, couldn't be the illegal invasion of Iraq, killing up to a million people, and torturing others without due process, ultimately leading to violent blowback from Islamic extremists in Europe in the form of terrorist attacks. Couldn't be providing billions of dollars in weapons for Israel to carry out its genocide, likely leading to even more blowback across the globe. No, surely it's because they're _ungrateful_.
16 replies →
Regardless, it seems to be helpful to others to point out what one finds worthy of discussion; that is actually the point of the comments, after all.
https://en.m.wikipedia.org/wiki/Anti-communist_mass_killings
Ensuring peace by violently crushing social democratic organizing and unions is like ensuring a fun time by beating anyone who complains.
It’s not an anti-US bias to hold the US accountable for their actions. Funding a for-profit spyware company that’ll sell to anyone, including italian fascists, is bad. The US should be held accountable for that.
Attacking countries because of non existent WMDs, torturing people in black sites, sanctioning investigators of the ICC, spying on all internet traffic, enforcing their sanctions on third parties.
I think their are reasons for that anti-US bias.
And if the US ensured freedom it was because it benefited them. If war would habe been the better option they would habe ensured that.
Your comment is extremely disingenuous. Much of the world, including Europe, has become dramatically more unsettled and dangerous as a direct consequence of US foreign policies and military adventures over the last quarter-century. Do you expect to be thanked?
1 reply →
> US contributions to ensuring peace in Europe
Name the contributions after 1945.
5 replies →
People want the US to ensure peace. The problem is that the US has in recent months turned away from that and is instead promoting unrest, both home and abroad.
2 replies →
That bias is earned, especially over actions the US has committed covertly in Europe over the last 50 years.
3 replies →
[flagged]
Then explain all the news about Musk and Trump.
I mean, in a broad sense this is true. But do you really think Sam Altman wouldn’t be in the news if he wasn’t Jewish? What about SBF? Or go back further, do you think people know about Einstein or Karl Marx only because they were Jewish?
Like it or not, Jews have been involved at a high level in a lot of pivotal developments in the west.
6 replies →
[flagged]
North Korean and Chinese hackers are soundly shunned but for some reason it's always a "company" from a pariah country like Apartheid Israel that are able to sell their software weapons to indiscriminately target any civilian from any country.
Israel is not a pariah but one of the US closest allies.
Israel is both a close U.S. ally and a pariah state in the eyes of much of the international community due to its policies toward Palestinians, creating cognitive dissonance for those who support democratic values yet continue to justify or overlook actions widely seen as violations of human rights.
But not for you.
7 replies →
[dead]
let's talk about North Korean and Chinese hackers
Just a small part of the biggest spy network ever invented, which is woven into practically all software and tech infrastructure we use in the West and backed by large corporations with ties to that small country.
So if a company in country A sells military arms to country B, country B is now part of country A's military network. Is that how this works now?
Works now? Thats how a customer base works.
1 reply →
It certainly has some explanatory power so depending on what you're trying to understand about these hypothetical entities, yes.
I have no idea what you're trying to say. The network of vendors to the military is part of the military network.
Yes.
Surprised they allowed a zero click exploit to be exposed for what appears to be low value targets.
That means they have a big bin of zero click exploit ready for use. This one was probably getting old so someone finding it wouldn't mean much.
And even when said small country are gifted "defense" technology, they go and sell it to the gifter's (supposed) enemies.
Why do you need enemies with such "friends".
Western state agencies and mid-tier bootleg spyware vendors are neutral at best and antagonists overall. At best, bootleg spyware vendors drop exploits which agencies can reverse and use for their own purposes. But in general, these vendors bring unwanted attention and burn exploits which the state agencies would like to use. These are not part of a global conspiracy, they are competing groups with the same goals.
[flagged]
8200 and Mossad are both the best, baddest, most wide reaching network that can kill any muslim err terrorist that challenges Israel. But also they are just wittle guys that are in a small country that can't be powerful cause they are so small right guys?
4 replies →
Didn't you know you also have space lasers? Anyone can be instantly vaporized at any point on Earth.
A joke from 1930's Nazi Germany:
"Two Jews are sitting on a bench in Nazi Germany. One of them is reading the local Yiddish newspaper. The other is reading Der Sturmer, a Nazi propaganda paper. The former says to the latter, “Why on earth would you read that antisemitic drek?” The other replies, “Well, when I read the local paper, we are a poor and battered people who suffer in ghettos, pogroms, and all manner of tragedies. But when I read Der Sturmer, we run the banks, the governments, the whole world – life is great!” "
I got a feeling things are going to get really ugly soon, dejavu germany in 1930 but with more powerful propaganda tools.
2 replies →
[flagged]
1 reply →
To give more context copy pasting my comment from a similar thread
I would like to add that Paragon disagrees with COPASIR: (article in italian) https://www.fanpage.it/politica/paragon-smentisce-il-copasir... They offered to give some information about who was surveilled by whom, but not surprisingly the Italian government refused (it was used by 2 secret service agencies in italy). At this point, Paragon stopped giving its access to Italian agencies (spying on journalists is forbidden by Paragon'S tos). COPASIR say they are the ones who stopped the commercial relationships though, so it is clear as water that at least one party isn't telling the truth
Could also be that both are being untruthful. Lincoln let us know a long time ago, there are times when "both may be, but one must be". Personally, I think there may even be times when both parties are being truthful. ie - you're being played by a third party.
I'd imagine this is the sort of fallout when things go sideways and there is not the requisite level of trust on both sides to definitively run down root causes.
They both may have simply cut each other off. Since there is no definitive way of knowing the other side is being truthful.
https://www.abrahamlincolnonline.org/lincoln/speeches/medita....
(Is that 3rd party -- God ? xD)
1 reply →
Thanks for providing us the corporation's propaganda.
Buzzword Bingo
[dead]
[dead]
[flagged]
[flagged]
[flagged]
> -The bald eagle that is also the only country in history to have nuked two civilian cities.
It was this or invade which would have easily resulted in more casualties. Pretending the US just nuked them when the other option was nothing is childish.
> - Its best friend, the country that's commiting a genocide in 2025 and that you cannot criticize.
Ongoing wars in 2025 and casualty numbers according to Grok:
- Russia-Ukraine War: Estimated 500,000–1,000,000 deaths
- Syrian Civil War: ~400,000–600,000 deaths
- Ethiopian Civil War: ~300,000–600,000 deaths
- Yemeni Civil War: ~233,000–377,000 deaths
- Myanmar Civil War: ~150,000–200,000 deaths
- Sahel Region Conflicts (post-Libya crisis, jihadist insurgencies in Mali, Niger, Burkina Faso, Nigeria, etc.): ~100,000–200,000 deaths.
- Sudan Civil War: ~61,000–100,000 deaths
- Israel-Hamas War: ~50,000–70,000 deaths
Calling the Israel Hamas war a genocide doesn't hold up. Trying to claim that you can't criticize Israel on the internet is ridiculous.
>It was this or invade which would have easily resulted in more casualties.
There was no need to invade: as long as the naval blockade continued, Japan wouldn't get enough fossil fuels and other resources to threaten anyone. They probably would've been lucky to avoid mass starvation.
--and Washington knew that when it decided to nuke Hiroshima and Nagasaki, but it also knew that the Soviets wanted invade Northern Japan: Stalin had already "offered to help out" in this way.
3 replies →
Israel-Palestine war stats is really off, because the Palestinian officials also include natural deaths in those stats (8,000 per year in Gaza). So the total is more like 40,000-50,000, and most are combatants.
19 replies →
Your numbers ignore the distinction between combatants and civilians killed. It also does not include those who are killed as a by product of the war. The number you mentioned is how many Israel directly killed. This ignores:
* People who died out of starvation (especially kids and newborns) due to Israel's blockade
* People who died due to lack of medicine due to Israel's blockade
* People who died to the worsening hygienic environment
The estimate we have from research in Lancet go just shy of 200,000 people dead [1]. Note that this was their estimate almost a year ago. Since then many more deaths took place.
And in short, whether you want to admit it's a genocide or not, no one can deny it's a one of the greatest tragedies of the century, and that Israel must be held accountable. Enough is enough.
[1]: https://www.thelancet.com/journals/lancet/article/PIIS0140-6...
1 reply →
[flagged]
[flagged]
Collections? Like debt collection? Where are you getting that?
Or are you calling gov spyware on journalists phones normal?
>Collections? Like debt collection? Where are you getting that?
It's a term used in the military/national security circles for intelligence gathering.
https://www.intelligence.gov/careers/explore-careers/intelli...
https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/do...
1 reply →
You are missing that facts are not universally known, and it is normal and good for news organizations to provide ongoing coverage of stories their readers might care about. Many people who read this article will have never heard of governments spying on domestic journalists, or Italy doing that, or the type of software used, or the US funding that software, or some combination of these things.
It's a good point! There is a good reason for the article. I just don't love the implications of the headline because software being used does not mean it's being used as intended or with the blessing of those countries. This headline could be any number of companies and organizations - including most major tech companies.
[flagged]
[flagged]
I do wonder with all the criticisms and faults EU and West points out in other parts of the world, this one country gets a complete pass that overrides and contradicts every single value that they supposedly stand for at the risk of appearing like they have no value or morals.
The rest of the world is getting tired of this double standard. It's justified when we do it and it's a crime if others do it. It's no wonder the youth and global opinions have turned sour.
[flagged]
I lol when I see such comments downvoted. I'd love to see some written rationale for the downvote.
Not really a rationale, but many people go like this:
(1) Israel with US, so against Israeli military = against US = you bad!
(2) Israel = Jewish, so if you against Israel then you = anti-semite! = you bad!
(3) Oh, you positive about enemy of Israel, so you against Israel, so you bad!
All of which are, of course, utter nonsense. And of course it cannot be said in a public forum, without people becoming fearful, because the truth has been said. Cannot possibly discuss this! And in case you do manage to state it somewhere, Bots might flag or downvote you into oblivion. That, or people with no clue what's going on in the world and weird misplaced feelings of allegiance.
I would love to see how they target GrapheneOS. iPhone is easy to break, GrapheneOS is not
Who cares at this point?
If you're a journalist and you don't have basic OPSEC for cyber stuff, there is no point in doing sensitive work.
Nobody is really accountable for those kind of things anyway.
I care
I care a lot
Cyber warfare is an lawless field
That's why it's important to take some precautions
This type of comment I find very peculiar, it attempts to normalize the intimidation and censorship of truths when we know that isn't the consensus nor desired.
Overall, very disappointing to come on HN and find any thread critical of this one country results in mass flagging, censorship and hasbara EVERY SINGLE TIME
> , it attempts to normalize the intimidation and censorship of truths
Very muddying statement. The normalization of intimidation and censorship has already happened by those in power, a comment can only acknowledge the reality of it.
> when we know that isn't the consensus nor desired.
by who? Crearly a lot of very powerful people desire it very very much.
Oh look Apple devices were hacked again. Security through obscurity isnt really working out. Their big cash apparently isnt enough.
I have sensitive data on my phone that I must carry around, and there is no way I'd ever keep it on an iphone. 'Pegasus' was the moment corporations and governments should have banned iphones for their terrible security.
Are you somehow under the impression that Android devices aren't hacked as well?
Of course Android phones are hacked as well
But a hack on my Andriod device might, or might not, work on your Android device
Not so much iPhones. Some difference between versions, but pretty much a monoculture
Closed source doesn't imply security through obscurity. Any operating system, closed or open, can be vulnerable. iOS is a big, relevant target, and obviously a lack of publicity/quantity of commercial exploits against AOSP and Desktop Linux doesn't necessarily mean good security.
Pegasus exploited both iOS and Android, not just iOS.
Thanks Cloudflare for blocking apnews.com! Thanks LLM scrapers that ruin the Internet and make that necessary!
Humans invented computers, which are capable of nearly-perfect security, but we have to make do with barely-working security, because we can't stop spying on each other.
Humans were a mistake.