On what grounds does Meta deserve the source code here? Unless Pegasus is considered a "derivative work," the most Meta should be able to demand is money.
They need to know how they were hacked so they can fix the vulnerability. NSO broke the law when they hacked whatsapp, it seems reasonable that they're forced to share details to prevent others from using the same method.
I'm wondering on what grounds is NSO allowed to keep the names of their co-conspirators (AKA clients) secret?
I think it's reasonable to require them to share details, but source code is a copyright issue and shouldn't be given up. I'm guessing the source has a lot more than just the one attack.
But yeah, I'm also surprised they're not obligated to reveal the names of anyone involved in planning or ordering the attack. Surely that could be subpoenad.
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world