Apple Wins Early Victory Against Spyware Maker NSO Group in Court

[dropadrop]

The only way Apple is going to win here is if they have evidence/proof that the NSO Group themselves were personally involved in using their own spyware tool to spy on people because as it stands, all the NSO Group does is make spyware tools and sells them onto 3rd parties. This is no different to gun makers. When someone is killed by a gun, the gun manufacturer is never taken to court and sued for causing the persons death. Gun manufacturers provide a 'tool', they are not responsible for how that 'tool' is used. Same goes for NSO Group, they make a spyware 'tool', they cannot be held responsible for how others use it.

If people think NSO Group is at fault here then please explain to me how? They make a tool and sell it to 3rd parties and they are being sued for how it is being used. Gun Manufacturers make a tool and sell it to 3rd parties but they never get sued for how it is used. Please explain the difference because I cannot see there is any difference but yet Apple is suing NSO Group for breaches of CFAA. So why aren't gun manufacturers sued for crimes of murder or manslaughter?, they make a tool that people use to kill others and they get away with it. NSO Group makes a tool that people use to spy on others and they are being sued. Something is not right here.

At least previously, the command and concure infrastructure used to deliver the malicious payload, trigger the infection and manage the device consisted of hundreds of servers operated by NSO.

This would likely mean that you can’t really use the gun analogy. To make that comparable you it would be equivalent to the gun salesman not giving you the weapon, rather the buyer would tell him where to point and ask to pull the trigger.

However the case is not only related to the delivery of malware as without a US victim it might be unclear if a US court has juristriction. The other part is related to the development and testing of the malware as that can’t be done without breaking the EULA.

 

[laptech]

At least previously, the command and concure infrastructure used to deliver the malicious payload, trigger the infection and manage the device consisted of hundreds of servers operated by NSO.

This would likely mean that you can’t really use the gun analogy. To make that comparable you it would be equivalent to the gun salesman not giving you the weapon, rather the buyer would tell him where to point and ask to pull the trigger.

However the case is not only related to the delivery of malware as without a US victim it might be unclear if a US court has juristriction. The other part is related to the development and testing of the malware as that can’t be done without breaking the EULA.

The servers would still come under the heading of 'tool'. Therefore, the way I see it, unless there is evidence of NSO staff actually doing the install of their tool on the unsuspecting victims, NSO has not actually broken any laws only Apple's EULA/T&C's.

 

[FriendlyMackle]

There is a slight difference: nuclear weapons are illegal and there is no positive use case for non state actors.

I compare this to the LPL because this is literally the same thing as a lock pick; albeit for digital tools. All they are doing is selling a lock pick.

I’ll give you that, yes nuclear weapons are illegal. But this software is basically space-age technology against a hammer/lock-pick. Due to the nature of the software ‘device’ itself, and how it can be used from afar, it is much more dangerous than something that can open a few doors or safes—limited by space, time, and danger of discovery. NSO’s work allowed people to be tracked, tapped, observed, murdered…many times over, with nearly no danger of discovery and certainly no prosecution.

Now, theft IS illegal. So is wiretapping. And murder, and blackmail, and terrorism. This software tool has enabled all of those and more at a mass scale.
I think it is like comparing a rocket launcher with a guided missle system compared to a tiny handgun (or if you want something ‘legal’ than an automatic weapon). One is quite different from the other.
We have prosecuted people and jailed them for far less when they have abetted dangerous and anti-social activities and crimes. if the political will was there, we could do something about this. Perhaps by starting with toughening our laws about design and use/intent. I don’t know, I’m not a lawyer, but I do see injustice here which is being allowed to continue.

 

[FriendlyMackle]

A and C are valid, B is silly. The US goes after European, Japanese, S Korean, Taiwanese, Australian, and, yes, Israeli, etc companies all the time for bad practices

The reason the DOJ wont go after NSO has nothing to do with Israel, it’s because they use and are heavily invested in NSO’s tools. Same reason why Palantir, an American company, doesnt face much scrutiny

What I said probably came off with an overtone I didn’t intend. Israel is a leading developer of high-tech software, medical devices, biotech, pharmaceuticals, and more. Many of the top scientists and companies there work closely with American and US government-sponsored concerns. So we (the USA) are very much in bed with the creators of this software technology. I wouldn’t be surprised if one of our own three-letter agencies gave NSO a wishlist of just what we’d like in a ‘solution’ like this.
Palantir seems to have a lot of buy-in amongst the military and police/security services…they really like what they’ll be able to do with it, ethics and privacy and freedom from presumption of criminality be damned.

 

[FriendlyMackle]

What would you say if alliance attacked sovereign country using false accusations of weapons of mass destruction?

You mean, like the United States did with Iraq after 9/11? I would say it would be unjust.

 

[laptech]

I wonder if the NSO Group are the ones US law enforcement have gone to to get access to criminals iphones when Apple has refused to help them. As the majority of us know, Apple owns iOS and thus iphone owners are 'licensed' to use the operating system on the iphone, they may own the physical hardware but Apple retains ownership of the operating system and thus Apple are going after NSO Group for breaking into iOS when it is against the EULA and T&C's of the iphone and iOS to do so because if you read them in there it does state that no one is allowed to modify or reverse engineer iOS.

I wonder if Apple would go after Russian, Chinese or North Korean spyware companies for doing the same thing NSO Group does.