[ishi]

I was recently offered a job by NSO, didn't take it due to their terrible reputation. I won't be surprised if some countries start denying entry to NSO employees. Even Facebook suspended accounts of NSO employees after NSO hacked Whatsapp - https://www.vice.com/en_us/article/7x5nnz/nso-employees-take... .

On the other hand, their product is just a tool which can be used for good (stopping terrorists) or evil (spying on human rights activists). Just like a kitchen knife can be used for good (cooking a meal) or evil (stabbing people). So I find it hard to find the moral justification for the actions you suggest. The problem is not the tool or the tool's manufacturer, it's how it gets used.

[wallacoloo]

I’ll play the opposite side of this argument, for the sake of discussion. You point to knifes having a good use: cooking. It’s by far the dominant use of knifes, and no doubt it makes cooking sunstantially easier.

But hacking tools: to what extent are they actually being used for good? Stuxnet is the clearest example I know of these tools almost certainly decreasing a threat to US citizens (at least for the time before it was found out). But beyond that, there’s very little publicly accessible information demonstrating that these tools are actually effective at stopping or decreasing terrorism. Moreover, even if they turn out to be effective at that, their use in this manner comes with other questionable effects on law and personal rights. I don’t think the knife is a good analogy because while everyone agrees that a knife can be put to either good or bad effect, there’s not consensus on whether hacking tools can even be used for any good.

[inglor]

When I was in the Israeli army, I personally saw a phone being hacked, info being pulled and the info being used to stop a terrorist attack targeting civilians. I was not involved in the hack (I served in the navy).

In that particular case (but not the majority of cases) the target of the hack was an Israeli citizen who was practicing terrorism (against the Arab minority). After their info was intercepted they were arrested and the situation was de-escalated.

Tech like this saved lives that day. I don't think it justifies the freedom cost, but let's not forget real lives are saved by tools like Pegasus.

[mschuster91]

> Tech like this saved lives that day. I don't think it justifies the freedom cost, but let's not forget real lives are saved by tools like Pegasus.

Additionally, even if the tools are developed and used only by governments that are deemed democratic today (e.g. USA, Israel, Germany) and under strict independent and parliamentary oversight, who can guarantee that future governments of these country will be democratic (obvious recent cases Brazil, Poland, Hungary, but one might also ask that question about the US)?

[robert_foss]

Real lives are destroyed by these tools too.

These are tools of the Regime, and some regimes will wield them against minorities (like Uyghurs in China), journalists (in Mexico and Jamal Khashoggi in Saudi Arabia) and protesters (in Belarus).

[kome]

One good user case doesn't justify selling this tool to autocratic and totalitarian countries, or countries involved in systematic oppression of minorities.

[toyg]

One’s autocratic country is someone else’s ideal of social organization.

Should we stop selling steel to the US because it could be used to put migrant kids in cages, or weapons because it could be used to invade random countries? I’m not saying the answer is obvious, I’m saying the problem is complex and multifaceted.

Take Morocco: not the best government (somewhat theocratic, absolutist monarchy, big on unaccountable and torture-oriented secret police), but overall more peaceful and stable than its neighbors. Do “we” help continuing this state of thing, or do “we” let malcontent bubble up and risk turning it into a failed state and civil war? It’s shades of grey all around, sadly.

[scoutt]

> good or bad

I think the question, although genuine, has a flaw, that is, reasoning in terms of "good or bad".

"Good or bad" for whom? Is something that is "not good" inherently "bad" and viceversa?

Is something "good" only because is "decreasing a threat to US citizens"? What about the consequences of "decreasing a threat"? Like Guantanamo Bay, Patriot Act, this poor guy (https://news.ycombinator.com/item?id=23625215), bombing a country thousands of miles away?

"Good or bad" is relative, just like right or wrong. It's difficult to correctly grasp a concept or conceal an idea by just defining it as "good or bad".

[wallacoloo]

I agree with you, and believe it or not I did try to go out of my way to avoid calling stuxnet itself good or bad: I kept those words out of the sentence which mentions stuxnet

> Stuxnet is the clearest example I know of these tools almost certainly decreasing a threat to US citizens...

However, you still have to make value judgements at some point when organizing a society. It’s literally impossible to do so otherwise. Even if you make a conscious effort to not organize socially — I.e. to embrace anarchy — you’ve made at least an implicit value judgment that governance isn’t worth the limitations it requires of the people (I.e. limitation of individual freedom is “bad”).

“good” and “bad” are messy things to deal in, but they still have their place. Any answer to “should we allow NSO group to operate” has to make a value judgement at some point. I think it actually helps to make that explicit — for example my point should still stand in most other value systems precisely because it refers to “good” and “bad” — which vary across value systems — without prescribing what is good or bad.

I could have been more clear about separating an example (stuxnet — the thing which brings in a value system) out of the argument itself. But I couldn’t find a way to do it without sacrificing brevity or readability. Such are the limitations of communication, particularly written :|

[scoutt]

> make value judgements

There is a whole branch of philosophy dedicated to that: it's called Ethics (https://en.wikipedia.org/wiki/Ethics).

When an entire branch of philosophy exists for that sole purpose, categorizing things into to "bad" or "good", in whatever area, is oversimplifying.

[gdy]

"to what extent are they actually being used for good? Stuxnet is the clearest example I know of these tools almost certainly decreasing a threat to US citizens"

By this logic an equally good use would be to sabotage American military-industrial complex thus reducing threat to the citizens of many countries around the world.

[gpanders]

> But beyond that, there’s very little publicly accessible information demonstrating that these tools are actually effective at stopping or decreasing terrorism.

Absence of evidence is not evidence of absence, particularly in this context where the actors involved are highly incentivized to keep success stories well-hidden and well-guarded.

You'll never know about all of the terrorist attacks that didn't happen.

[dafoex]

Not to mention, when hacking tools are used for good, they are often used from the perspective of people wanting to do bad: penetration testing

[justinclift]

> On the other hand, their product is just a tool which can be used for good (stopping terrorists) or evil (spying on human rights activists).

That applies to lots of technology things though. With the NSO group specifically though, wouldn't their tech have Sales people that need to actively court and sell it to potential customers?

[driverdan]

> Just like a kitchen knife can be used for good (cooking a meal) or evil (stabbing people).

NSO knowingly sells tools to repressive regimes that use them to violate human rights. If you sell a knife to someone you know is going use it for murder then you're culpable and your behavior is immoral.

[underdeserver]

The thing about NSO is, they screwed up by becoming famous. If you're NSO, you want nobody in the tech community to know you exist.

I'm sure there are dozens of companies like NSO that you just don't know about.

[alex_duf]

It's bad for rep, but it's also a great business card.

[user5994461]

Is it bad for their reputation really? A oil company gets bad rep for the environment, a mill gets bad rep for deforestation. This doesn't matter the slightest to their customers, they "understand" what they're buying.

[alex_duf]

I think the knife metaphor here might be a bit understated.

It's more like a self guiding missile. It's meant to hurt, so that makes NSO pretty dodgy.