profdeibert
Jul 6 · 17 tweets
NEW: @apple announces #LockdownMode, a major change to iPhone security that promises to help high risk users + other actions to hold the mercenary spyware industry to account nr.apple.com/d2I3Q1s4s0

My thread w context & details 👇
The @citizenlab has been undertaking evidence-based research on targeted espionage against civil society for close to 15 years

citizenlab.ca/category/resea…
We published the first report on NSO Group’s Pegasus spyware in 2016

citizenlab.ca/2016/08/millio…

Since then, @AmnestyTech, @FbdnStories, @ForensicArchi, and many others have joined the effort
There is now undeniable evidence from this work that the mercenary spyware industry is helping spread authoritarian practices & massive human rights abuses worldwide 👇

lawfareblog.com/effects-digita…
Last fall (led by @billmarczak) we captured Pegasus in the wild (the ForcedEntry exploit) and undertook a responsible disclosure to @apple, which led to many of the subsequent actions being undertaken by @apple today

citizenlab.ca/2021/09/forced…
There is no single silver bullet that will solve the mercenary spyware problem

We need governments, civil society, and tech platforms to all take concerted action. See my recommendations 👇

issues.org/surveillance-s…
To be sure, all tech platforms have problems - @apple included (more below)

But today @apple is setting an example of what tech platforms can do to positively impact this space & reduce harms
.@apple’s newly released #LockdownMode will reduce the attack surface, increase costs for spyware firms, & thus make it much harder for repressive govts to hack high risk users

Let’s hope that it also helps cut down on real-life harms…
Meanwhile, @apple’s threat notifications have alerted otherwise unwitting victims & have precipitated numerous new & ongoing investigations worldwide by @citizenlab & others

They shook a tree and victims have fallen into ours and others’ laps
.@apple’s donation to the Dignity and Justice fund is very positive

The @FordFoundation managed fund will help nurture the growing community of researchers & advocacy orgs holding mercenary spyware vendors accountable…
…while preserving our independence to undertake impartial, evidence-based research –

including research holding @Apple itself accountable

(as we have done twice since last fall 👇 )

citizenlab.ca/2021/08/engrav… and citizenlab.ca/2022/03/engrav…
Apple took a gamble, knowing groups like @citizenlab will continue to do this type of independent research holding them to account

Other tech companies should now step up and match
Here is @josephmenn's report on today's developments: washingtonpost.com/technology/202…
Apple’s Lockdown Mode Aims to Counter Spyware Threats wired.com/story/apple-io… via @wired
"The announcement is a recognition that spyware is a global problem that pits the top engineering talent at surveillance firms like NSO Group and tech giants against each other," says @snlyngaas @CNN

cnn.com/2022/07/06/tec…
Apple ramps up war on spyware, a growing digital scourge cyberscoop.com/apple-nso-grou… by @TonyaJoRiley
It cannot be overstated just how much thought and effort my @citizenlab colleague @jsrailton has put into advocating for these types of actions from tech companies.

Here's his thread with some thoughts and reactions 👇
