Apple Suddenly Drops NSO Group Spyware Lawsuit

Apple has abruptly withdrawn its lawsuit against NSO Group, citing increased risk that the legal battle might unintentionally reveal sensitive vulnerability data to the very adversaries involved in the legal dispute.

https://www.securityweek.com/apple-suddenly-drops-nso-group-spyware-lawsuit/

1 Like

I guess that’s one way to become legally untouchable :thinking:

3 Likes

Concerning, since technical-only solutions won’t thwart a nation state actor.

Google, on paper at least, has been locking up Android, which is routinely pwned by memory-related exploits, by replacing C/C++ with memory-safe Rust and private compute (ex: mutually untrusted VMs aka pKVM).

That alone won’t ever be enough, but will definitely make it expensive for CSVs (commercial surveillance vendors) like the NSO group to come up with zero-days.

1 Like

Good evening, I would be grateful if you would pay attention to my message.

Which set of measures do you think might be more productive?

Wouldn’t a closed hearing at least partially resolve the issue?
I mean Is there a legal or procedural solution to the issue that Apple has identified as the reason for dropping the lawsuit?

The problem has both technical and legal dimensions and obtaining information from NSO Group is a challenging equation,
but Apple has the resources and determination to overcome this challenge, don’t you think so?

How much untouchability costs? There will always be someone who will try to make them touchable. For (much) more money ofc

Apple can’t risk going up against the military-industrial complex, I don’t think. In fact, I’d not be surprised if it itself is found to be a part of it.

Don’t presume they need anything of the sort. Don’t mean to sound grim or dramatic, but CSVs supply key tech to an immense powerbase (dictators, authoritarian head of states, far-right nationalists, over-reaching billionaires) that when put together rule most of the world.

1 Like

But do they have reasons to ?

Apple probably does this for PR, as all their talks about Privacy is MOSTLY marketing.

3 Likes

There always is a reason…

There is enough tinfoil in here to bake a truck load of potatoes.

Apples reasoning here is straight forward, no need for conspiracies. Also the U.S. government views NSO as an adversary and malicious actor, hence the sanctions.

Why are Google not giving up? Hacking Policy Council

As another user mentioned, Apple is all about marketing.

Isn’t stopping them (and it can’t since their customer base is beyond US’ economic reach): State-backed attackers and commercial surveillance vendors repeatedly use the same exploits

1 Like

That’s why Apple ecosystem is treated as a “privacy respecting” alternative.

This made me chuckle quite a bit.

Google could potentially get into a lawsuit with the NSO or other CSVs and be in less of a bad spot because AOSP is an open system which they build upon for their phones and other services. Unless Google Play Services or some other closed source service in a device is used as an attack vector, Google have less to lose than Apple does.

1 Like