The main actors are three: the Pegassus program and the Israeli company NSO, the owner, with a history so long and questionable that it goes beyond these lines; Citizen lab, a Canadian think tank not known in the academic field of computer security except to follow the news regarding its self-imposed mission to expose Pegassus; and the third, the long journey of the «process» accompanied by the palette sensitivity to take for granted what is said from certain strange realms.

For starters, translate what’s written in the April third issue of The New Yorker seminar: From the ornate chambers of the Catalan Parliament. Solé, forty-five years old and dressed in a baggy suit, handed him his mobile phone, a silver iPhone 8 Plus. He had received suspicious messages and wanted the device scanned. Campo, a sweet-natured thirty-eight-year-old with disheveled dark hair, was born and raised in Catalonia and is a proponent of independence. He worked for WhatsApp and Telegram in San Francisco for years, but recently moved back to his country. “I feel like it’s kind of a duty in a way,” Campo told me. He now works as a fellow at the Citizen Lab” at the University of Toronto. Campo collected logs of Solé’s phone activity, including crashes, and then ran specialized software to search for spyware designed to work invisibly. While they waited, Campo searched the phone for evidence of attacks that take various forms: some coming in via WhatsApp or as text messages that appear to come from known contacts; others require a click on a link and others work without any user action. Campo identified a clear report from the Spanish government’s social security agency that used the same format as links to malware that Citizen Lab had found on other phones. “With this message, we have proof that you were attacked at some point,” Campo explained. Immediately Solé’s phone vibrated. “This phone has tested positive,” the screen says. Campo told Solé: “There are two confirmed infections,” as of June 2020. “In those days, your device was infected: they took control and probably spent a few hours on it. Download, listen, record.

End quote. A story typical of a novel, but not for its accuracy, the lack of which is not justified by the protagonist presenting himself as an intern (the silent majority of them support scientific production) or by the fact that Ronald Farrow, son of Mia Farrow and Woody Allen, with tremendous media coverage of Harvey Weinstein’s case.

The suspicions arose in such a conversation led the Canadian think tank to publish a report on the 18th, the content and scientific objectivity of which by its title leaves no room for doubt: “CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru.” The first signatory is John Scott Railton, who met in Brussels with Junqueras and Puigdemont, who has yet to earn a PhD from UCLA, though he claims to have founded a company that he says can help address internet outages. Libya and Egypt has been prevented and his work has been covered by Time, BBC, CNN, Washington Post and New York Time, very important and respectable media, but without any guarantee when it comes to attributing any kind of technical solvency; the second signatory is the aforementioned fellow.The content of the article devotes 75% of its pages to telling the history of edenis of Catalonia and its pursuit of independence, although few describe the methodology for detecting attacks and data in the environment of Apple’s iOS operating system, such as for Android. What is described there is little less than banal and nothing to show that the phones of the Independentistas have been attacked. I’m not talking about legal proof or anything like that, just a simple technical assessment, although a lot of media has bought it. Neither Apple, nor Google for Android or Facebook for WhatsApp as a possible gateway have said anything about the futility of the Canadian argument.

Even assuming Citizen could confirm the attacks and their dates from years ago, it is more difficult to attribute these alleged violations to anyone in particular, in this case to Spanish government agencies. If they are Pegassus specialists, they should be the first to know that NSO’s goodness claim that the program is only sold to states to fight terrorism is untrue, as NSO has established companies in the US to support the application. sell it to local law enforcement (the Biden administration just called it undesirable, though the federal government is allowed to continue using Pegassus) without addressing the fact that the virus may be available from private companies founded by former NSO employees. In addition, the companies whose applications are attacked (think WhatsApp) have mechanisms called retrocession, a kind of hook that can be extended to those who use the virus and who in turn are able to enter the attacker’s field. That is why the virus can appear in commercial skirmishes.

For the purposes of our reflection, there are several ways to enter a phone and leave a so-called mark on it, which is not complicated for a particular group of people to declare themselves as supposedly attacked. It is politically incorrect to doubt organizations as media-savvy as Citizen Lab. Adding Gumersindo Ruiz, senior engineer at Amper: “I don’t think that two years ago (the date of the most recent ‘attacks’) it was necessary to resort to foreign technology to enter a mobile, although it is not very well known for what ».

It is surprising the enormous credibility that the Spanish media and politicians have given to a report that does not meet the least strict conditions (at least in information technology, history belongs to other professionals) when it comes to making extremely serious accusations against our current democratic regime simply because an American magazine echoes a dubious message. No one here has wondered about the technical solvency, not the media, of the company and its authors.

The Marx brothers were geniuses of intelligence in the form of laughter, but Pedro Sánchez and Pere Aragonés have problems to solve, very important to the Spaniards, so it’s helpful that they don’t interpret love/hate scenes using the back of the IT professionals, as using arguments that do not dominate them will not help to solve the really important questions. Suggestion: Request a report from technologists more current than yours truly and end the episode.