John Scott-Railton
Dec 7, 2022, 6 tweets, 5 min read
NEW: clear US policy towards mercenary spyware industry in the new #NDAA.

And it's *bad news* for shady spyware companies.

Quick thread of highlights from Sec 6318 of this robust bit of legislation 1/

2/ First, there's a yearly reporting requirement from the intelligence community.

Including deep dive into the finances, corporate structures of mercenary spyware companies.

And their customers.

And who is actually being hacked + whether that includes targeting of US. #NDAA

3/ Next, the DNI gets the authority to prohibit purchase & use by USG of mercenary spyware.

AND can block US Intelligence from doing biz with companies that have acquired mercenary spyware.

There is a waiver authority.

4/ DNI is also directed to beef up guidance & reporting on protecting devices from foreign commercial #spyware.

+ requirement that appropriate Congressional committees get briefed if US personnel get targeted.

+ consultation with private sector to identify risks.

#NDAA

5/ #NDAA also directs DNI to report to Congress on potential for US to lead allies & Five Eyes partners to a harmonized effort to mitigate counterintelligence risks of foreign commercial #spyware.

Nightmare fuel for notorious mercenary spyware companies.

6/ Compared to original #NDAA, I note sanctions language is out, but this remains a promising first step towards tackling foreign commercial #spyware.

Let harmonization with allies begin...

NDAA amendments (I've been tweeting Sec. 6318) rules.house.gov/sites/democrat…


