Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Apple

After Chiding Apple On Privacy, Germany Says It Uses Pegasus Spyware (appleinsider.com) 38

"Germany's Federal Criminal Police Office (BKA) purchased access to NSO Group's Pegasus spyware in 2019 after internal efforts to create similar iOS and Android surveillance tools failed," reports AppleInsider. The news comes less than a month after the Digital Agenda committee chairman of Germany's federal parliament, Manual Hoferlin, declared Apple to be on a "dangerous path" with plans to enact on-device child sexual assault material monitoring. He said the system undermines "secure and confidential communication" and represents the "biggest breach of the dam for the confidentiality of communication that we have seen since the invention of the Internet." From the report: The federal government revealed the agreement with NSO in a closed-door session with the German parliament's Interior Committee on Tuesday, reports Die Zeit. When the BKA began to use Pegasus is unclear. While Die Zeit says the tool was purchased in 2019 and is currently used in concert with a less effective state-developed Trojan, a separate report from Suddeutsche Zeitung, via DW.com, cites BKA Vice President Martina Link as confirming an acquisition in late 2020 followed by deployment against terrorism and organized crime suspects in March.

Officials made the decision to adopt Pegasus in spite of concerns regarding the legality of deploying software that can grant near-unfettered access to iPhone and Android handsets. As noted in the report, NSO's spyware exploits zero-day vulnerabilities to gain access to smartphones, including the latest iPhones, to record conversations, gather location data, access chat transcripts and more. Germany's laws state that authorities can only infiltrate suspects' cellphone and computers under special circumstances, while surveillance operations are governed by similarly strict rules.

BKA officials stipulated that only certain functions of Pegasus be activated in an attempt to bring the powerful tool in line with the country's privacy laws, sources told Die Zeit. It is unclear how the restrictions are implemented and whether they have been effective. Also unknown is how often and against whom Pegasus was deployed. According to Die Zeit, Germany first approached NSO about a potential licensing arrangement in 2017, but the plan was nixed due to concerns about the software's capabilities. Talks were renewed after the BKA's attempts to create its own spyware fell short.

This discussion has been archived. No new comments can be posted.

After Chiding Apple On Privacy, Germany Says It Uses Pegasus Spyware

Comments Filter:
  • by bobstreo ( 1320787 ) on Wednesday September 08, 2021 @08:13PM (#61777599)

    You don't talk about spying on your citizens.

    • Not true at all. Inspiring fear is a powerful control mechanism. Making people think they are being monitored, even if they are not, is a powerful tactic.
    • I have always wondered about that Fight Club rule. If the first rule is that you don't talk about it, then how does someone tell you that rule?

    • Germany sure has lots of experience with spying on itself.
    • This is a tool with no purpose except to facilitate criminal activity (unauthorized systems access). In some cases you could argue the federal employees have immunity while performing their job... okay so they can't be prosecuted for the crime. But this company has no immunity.

      We've all seen innocent hackers punished for making and selling tools like this to ordinary people or even just information such as how to bypass polygraphs and the like. Is there some reason these traitors to the people are above-the
  • by 93 Escort Wagon ( 326346 ) on Wednesday September 08, 2021 @08:42PM (#61777675)

    I wouldn't be surprised if there's a lot of these stories coming out soon, pointing out inconsistent behavior on the part of certain large public detractors of Apple's on-device scanning plans... and that Apple PR is discreetly behind them all.

    • by raymorris ( 2726007 ) on Wednesday September 08, 2021 @09:00PM (#61777717) Journal

      One person in Germany is concerned about Apple's CP thing.

      Another person, who is also in Germany, wants to do policing with a tool that can "execute search warrants" on a phone.

      If the population of Germany was one person, it would potentially be hypocritical.

      Except not necessarily even if Germany was one person.
      The German government specifically asked for some capabilities of the tool to be removed so that it was less likely to be abused. One CAN think that after getting a warrant based on probable cause, from a court, police might need to search a phone AND ALSO believe that Apple shouldn't be searching everyone's phone.

      There is nothing inconsistent about thinking that a warrant, specific to an individual based on evidence, matters.

      Personally, as a security professional, I'm aware that Apple's software ALREADY has the capability to see all of the images stored on the phone. That's how you're able to look at images on an iphone - by using Apple's software. Images which are stored on the phone by Apple's software. Then displayed on the screen by Apple's software. Apple can already dig through your phone if they want to - they made the whole OS. For that reason, I personally think the concern is overblown.

      Buy anyway, even if we weren't talking about two different people in Germany, who do different jobs and therefore have different concerns, it's wholly consistent to say that searches to take place only after showing evidence and getting a warrant.

      • by LKM ( 227954 ) on Thursday September 09, 2021 @02:10AM (#61778197)
        I also think that, even if those two points were made by the exact same person, it's not necessarily hypocritical to have the opinion that private companies should not be able to spy on their customers (provided the companies don't use services that essentially require the company to track its users), while a democratic government should, within its own legal framework, and with probably cause, and with a warrant, have some ability to spy on its own citizens. These two positions are not incompatible.
      • Its akin in my mind to saying the holocaust was wrong, but being ok with capital punishment. The scale, and reasons are totally different. Apple was scanning every photo, on every Apple device, the police as you say, are likely using a tool after getting a warrant to go after someone, after presumably showing evidence in a court of law that leads them to believe there is criminal activity. I see no hypocrisy here, there are good reasons to occasionally need to use some kind of spyware in certain cases if

    • by AmiMoJo ( 196126 ) on Thursday September 09, 2021 @04:26AM (#61778409) Homepage Journal

      It's not inconsistent. Apple is a private business, these guys are state run law enforcement.

      There are lots of things that private companies should not do, but which the state probably should.

    • Of course it is. It's already public knowledge (though for some reason rarely mentioned after initial reporting) that Apple capitulated to the NSA with regard to at least storing insecure backups and data on their cloud service.
  • also LOL @ anyone who believes they would use "only certain functions" of it.
  • There are some things which are ok for a government (like having a police in the first place, with substantially extended rights) but not for anyone else... Which, by the way, does not say Germany's use of Pegasus would be a good thing. It's just a completely different thing for which the question what Apple does or doesn't do is completely irrelevant.

    Like, now Apple is building a military with weapons of mass destruction and Germany complains, ha ha but hasn't Germany a military, too?

    • by Luckyo ( 1726890 )

      Indeed. This is a really strange conflation of what corporation is doing with what a sovereign nation state is doing.

      It's almost as if there's a propaganda drive to conflate the two on the path from nation states to corporatocracy where corporations are sovereign, like/rather than national governments. And therefore have all of the same competencies that current governments have, such as intelligence gathering.

  • Slashdot got a shitload of mileage out of discussion of Solarwinds hacks.

    Now they're carrying Solarwinds ads on the front page, sandwiched in between the stories.

  • Don't want to reveal what they done with Apple, that's for sure. The play in Germany is so foul and evil that even communists where not able to par with it.
  • by auzy ( 680819 ) on Thursday September 09, 2021 @04:35AM (#61778419)

    This entire article reads like a "whataboutism" written by the Apple marketing department.

    • This.
      Apple is trying to complain that an elected government should be permitted to do things that Apple - shock - may not.
      Fuck you, Apple.

    • by Antew ( 8677861 )
      Ahahahah, very funny. I would really like to share a great find on the Internet. I am engaged in online earnings. Therefore, I need to be confident in my broker. And recently I found a great and very convenient website [fxgiants.com] on which I now trade cryptocurrency. Everything is very honest and transparent thanks to the blockchain system, I can not worry about the safety of my money. Maybe you should try it too!
  • There are people in there who care about privacy. Or the GDPR, which every government agency must obey too, wouldn't exist.
    And there are pieces of shit who spy on their own people any are lapdogs of the NSA or Apple.

    This headline, right there, is precisely what Dunbar's Number is all about: You put an entire government, and even an entire country, in one box, as if it was one single individual. Removing any chance of empathy or to see them as humans
    Sorry. We're not goose-stepping anymore. There are internal

  • It's almost as if some people think there should be different rules for companies and elected goevrnments.

  • Although a "gotcha" moment. I would fully trust the German government with this software. They have never in their history be disloyal to the German people, or in fact, the world. Apple on the other hand is a spy company that has decades and centuries of horribleness
  • The world is a very bad place and ignorance deadly. Any nation lacking effective espionage capability cedes the field to its opponents from criminals to ideological and nation-state enemies.

    The choice is trust in the kindness of one's enemies or collecting intel as effectively as one may.

Keep up the good work! But please don't ask me to help.

Working...