John Scott-Railton
@jsrailton.bsky.social
Chasing digital badness. Senior Researcher at Citizen Lab, but words here are mine.
Bringing NSO Group out of the cold would signal to the rest of the spyware industry that even the most notorious mercenary spyware company..

...with a history of harming the US.

...and a mountain of abuses..

Can get a free pass.

It would defang US efforts to curb proliferation & bad behavior.
We asked David Friedman, the former US ambassador to Israel, who has been named exec chairman of the NSO Group holding company, whether he would try to get sanctions on NSO lifted. He said: “I hope that will be accomplished, but we haven’t made that request yet”. www.theguardian.com/technology/2...
Tech giants vow to defend users in US as spyware companies make inroads with Trump administration
Apple and WhatsApp say they’ll keep warning users if their phones are targeted by governments using hacking software against them
www.theguardian.com
November 10, 2025 at 7:18 PM
UPDATE: NSO just hired former Trump ambassador to Israel.

They're trying to push Pegasus spyware to 🇺🇸America.

Your rights and freedoms are in danger.

NSO Group is no friend to the US & has spent years undermining our security & values 1/
November 9, 2025 at 10:05 PM
YIKES: NSO floats Pegasus spyware used in hypothetical "time of domestic crisis" in 🇺🇸America.

I believe they won't stop lobbying until they get Pegasus into USA.

To hack Americans. 1/
November 7, 2025 at 8:36 PM
NEW: Paragon spyware hit a key Italian campaign manager / political strategist.

Super concerning case & a reminder that Italy has a growing pile of unexplained infections with Paragon's Graphite spyware.
NEW: The Paragon spyware scandal in Italy widens again.

A political consultant who works with left-wing politicians, who are part of the opposition party Partito Democratico, has now come out as the latest target.

"It is time to ask a very simple question: Why? Why me?" Francesco Nicodemos said.
Italian political consultant says he was targeted with Paragon spyware | TechCrunch
WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon.
techcrunch.com
November 6, 2025 at 9:03 PM
Outages are impromptu seminars on where the internet actually lives.

On the syllabus: your favorite app's resilience & trust model.

Good thread from @signal.org's CEO.
📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we use encryption to make sure no one but you–not AWS, not Signal, not anyone–can access your comms).

It’s also concerning. 1/
PSA: we're aware that Signal is down for some people. This appears to be related to a major AWS outage. Stand by.
October 27, 2025 at 9:00 PM
I'm getting a lot of LLM-generated inbound.

Someone pushed a button forcing me to spend more time reading the message than they spent creating it.

Please, give me your authenticity, typos & bad grammar.
October 27, 2025 at 9:46 AM
POV: you can't sleep because Amazon is down.

Design thinking that inserts brittle dependence into our lives.

While extracting fees for life.

Don't be these guys.
October 21, 2025 at 9:57 AM
Today's Amazon outage should be a wakeup call.

We've put too many internet eggs into a single basket.
Your favorite thing is down because DynamoDB at Amazon's AWS US-EAST-1 Region woke up with Main Character Syndrome.

This is the default/legacy backbone for a ton of things.

Including Amazon's own stuff.

Massive outages.

Here's what's going on & what we know 1/
October 20, 2025 at 10:12 AM
Your favorite thing is down because DynamoDB at Amazon's AWS US-EAST-1 Region woke up with Main Character Syndrome.

This is the default/legacy backbone for a ton of things.

Including Amazon's own stuff.

Massive outages.

Here's what's going on & what we know 1/
October 20, 2025 at 9:24 AM
NEW: 🇰🇵DPRK has begun hiding malware on blockchain.

Result: decentralized, immutable malware.

Nearly impossible to remove.

Report cloud.google.com/blog/topics/...
October 18, 2025 at 5:48 PM
NEW: 🇰🇵DPRK has begun hiding malware on blockchain.

Result: decentralized, immutable malware.

Nearly impossible to remove.

cloud.google.com/blog/topics/...
October 18, 2025 at 5:47 PM
NOW: US court permanently bans Pegasus spyware maker from hacking WhatsApp.

NSO Group can't help their customers hack WhatsApp etc. either. Must delete exploits & R&D.

Bad news for NSO. Huge competitive disadvantage for the notorious company.

Big additional win for WhatsApp 1/
October 17, 2025 at 11:37 PM
Now we're seeing confirmation of the NSO acquisition.

Mark my words, this is the path through which Pegasus gets put on Americans' iPhones & Androids.

This dictatorship-in-a-box belongs nowhere near our constitutional rights.
SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.
Spyware maker NSO Group confirms acquisition by US investors | TechCrunch
NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.
techcrunch.com
October 10, 2025 at 3:58 PM
NEW: fresh trouble for mercenary spyware companies like NSO.

#Apple is launching fat bounties on the zero-click exploits that feed the supply chain behind products like Pegasus & Paragon's Graphite.

With bonuses, exploit developers can land $5 million payouts.

security.apple.com/blog/apple-s...
October 10, 2025 at 3:33 PM
NEW: Pegasus spyware coming to America?

An ex-Adam Sandler producer with ties to China is trying to acquire NSO Group.

Again.

Simonds fronted this before in 2023 & failed. But the backers haven't given up. Why?

Where is the money coming from? 1/

www.globes.co.il/news/article...
October 10, 2025 at 11:35 AM
NEW: cost to 'poison' an LLM and insert backdoors is relatively constant. Even as models grow.

Implication: security doesn't scale with LLMs.

Super interesting: Prior work had suggested that as model sizes grew, it would make them cost-prohibitive to poison. 1/
arxiv.org/pdf/2510.07192
October 9, 2025 at 4:56 PM
NEW: Germany opposes mass scanning of private messages.

"must be taboo in a constitutional state"

"even the worst crimes don't justify giving up basic civil rights"

Well said Minister Stefanie Hubig!

Leadership we need from Europe's democracies.
www.bmjv.de/SharedDocs/Z...
October 8, 2025 at 1:23 PM
You don't even need to read the article to know this is a durian.
October 6, 2025 at 5:06 PM
NEW: breach of Discord age verification data.

Including some users' passports & DLs

Age verification is a badly implemented data grab wrapped in a moral panic.

Mark my words, as age verification mandates expand, we'll end up more surveilled and less secure. 1/
October 5, 2025 at 4:51 PM
NEW: UK asked Apple to backdoor iCloud encryption.

Backdoors create a massive target for hackers & criminal groups.

Dictators will inevitably demand that Apple do the same for them. 1/

www.ft.com/content/d101...
October 1, 2025 at 1:47 PM
NEW: turns out the EU helped finance a bunch of spyware companies with..public money.

Extremely bad look.

Group of MEPs calls for action.👇

apache.be/2025/10/01/e...
October 1, 2025 at 10:19 AM
Friend,

Does scrolling leave you hollowed?

Is anger frictionless...but thinking like swimming against the current?

You're in an algorithmic rip tide.

Your mental clarity is the target.

Take a beat and step out

Connect with your own thoughts.

It's what designers of these algorithms fear most.
September 12, 2025 at 12:50 PM
Reposted by John Scott-Railton
Powerful interests are trying to change the internet.

It's worse than you know.

Your safety and freedoms are on the line.

Thank you for your attention to this matter.

www.youtube.com/watch?v=iz_8...
Exposing Pegasus: How the State Spies on You | John Scott-Railton
YouTube video by What Bitcoin Did
www.youtube.com
September 10, 2025 at 10:45 AM
NEW: Mercenary spyware is coming to the US.

ICE just quietly unsuspended their contract with spyware maker #Paragon.

Remember them? Caught earlier this year being used to hack Italian journalists.

This is bad, let's talk about how we got here 1/

jackpoulson.substack.com/p/exclusive-...
Exclusive: ICE reactivated its $2 million contract with Israeli spyware firm Paragon, following its acquisition by U.S. capital
The cyber division of ICE's Homeland Security Investigations on Saturday quietly lifted a stop-work order put into place by the Biden administration in October.
jackpoulson.substack.com
September 2, 2025 at 1:16 AM