[ishi]

It isn't a "telemetry-/ad- surveillance dragnet". Kitenet's product is a "Private Data Network (PDN) to control, monitor, and secure data exchanged between people, machines, and systems across user collaboration, automated workflows, and enterprise AI".

It stands to reason that ex-cryptographers from Unit 8200 would use the expertise they gained to launch legitimate companies that provide cybersecurity solutions.

[diydsp]

It's not inevitable. It's up to us in a shared world to decide how to govern ourselves and live our lives. Not to be at the whims of a small group of powerful strangers.

[stocksinsmocks]

I think it’s much more likely they’re creating honeypots as contractors. There is a lot more money in surveillance than privacy

[ishi]

Is there any factual basis to this claim, or just your personal opinion? It's like claiming Oracle's real business isn't a database, but rather stealing customers data which was stored in Oracle's databases. Or practically any other company that has access to customers data.

[Fnoord]

> Is there any factual basis to this claim

Please feel free to translate and read the Dutch version of this article. On the bottom, several security researchers found vulnerabilities in Zivver [1]

[1] https://www.ftm.nl/artikelen/vertrouwelijke-zaken-te-grabbel...

[ishi]

So Zivver created a product with security vulnerabilities, Kitenet bought Zivver (probably for their customer base), and it's all some sort of conspiracy to steal personal data?

[Fnoord]

We merely bought the honeypot, Your Honor! We didn't know what we were buying!

Perfect cover story /slowclap

Secret services use companies as cover all the time. Nothing new there.

The conspiracy is that it is a dragnet for the data, and given the data is first send plaintext to Zivver (see the Dutch FTM article I already linked), it isn't far-fetched.

Looking at the current geopolitical situation, it also isn't far-fetched. It even fits in the Israeli secret services' M.O.

Actually, anyone who uses Zivver can find these vulnerabilities. I was worried about this, and reported it to my former employer (while still employed), but alas I did not have a PoC and they had a lot of other security related incidents so this was low priority. Also, this was at a time when the company was still privately owned by the Dutch founders. My hypothesis is that someone working for such an organization passed it to the Israeli secret service, who then got motivated to buy this honeypot.

Chinese do something similar: release some piece of technology, never provide any meaningful updates to the product, and voila it is insecure as hell (yet 'we didn't know' provides plausible deniability). I saw this first-hand with KRACK vulnerability.

Also... Kiteworks [1] is the name of the company. Not sure why you keep calling it Kitenet.

[1] https://en.wikipedia.org/wiki/Kiteworks

[chiefalchemist]

To be fair, it’s not a conspiracy if it actually happens. It’s surprising how often this type of reasoning is still so common.

[dlubarov]

What are you saying actually happened? It sounds like the concern is that in a certain context, messages are cloud hosted instead of client-side e2e encrypted? Did anyone even claim otherwise?

How is this different from suggesting Netflix was all a secret plot by Stanford to spy on Europeans' TV binging?

[SilverElfin]

There’s really nothing concrete in this “article”. It’s basically vague insinuations and conjecture and conspiracy theory, all in support of putting out content with something nefarious implied about all Israelis. In other words, it’s propaganda.

[nunobrito]

It is an obvious and recurring phenomenon to anyone minimally following cybersecurity topics. This isn't the first time, nor the second, nor the third, nor the last.

This is the same as claiming that water isn't wet until someone here on HN brings you 10 articles and news proving otherwise. This particular topic was never really denied, nor even by the authors themselves as you can read on the article.

[coliveira]

Do you understand that Oracle has real features used daily by clients other than "securing" their communications?

[cluckindan]

Are you sure such claims about Oracle are completely unfounded?

[kasey_junk]

This framing is a cheap rhetorical trick. Restated this leads to the statement “all companies by default are in the business of capturing customer data, all other claims about their product and smoke screens to hide that.”

Which is something you can believe but it falls into the extraordinary claims, extraordinary evidence category. But by claiming it about Oracle or Israeli cyber firms or whatever you swap the evidence burden to the person who has the not extraordinary claim, that most businesses are doing what it claims on the tin.

[coliveira]

It's not just a rhetorical trick. Amazon collects most of their data in Virginia, right at the doorsteps of a well known "intelligence" org in the USA. These companies that handle data all around the world are authorized to exist for some reason...

[kasey_junk]

Then the argument should be that. Not “hey commenter you must prove a never ending set of ‘now do Oracle’, ‘now do Amazon’”.

Say the words “I believe all companies exist as an extension of the US intelligence apparatus” and claim the burden for yourself.

[chiefalchemist]

Books such as:

“The Age of Surveillance Capitalism”

and

“Stand Out of Our Light”

might not change your mind, but you’re likely to end up realizing customer data hovering is more of a driver of modern business decisions than you realize. To say nothing of the assets such activities provide the intelligence communities.

This is happening. Please don’t dismiss it as conspiracy theory.

[ishi]

It's easy to make baseless accusations that are impossible to disprove, that's exactly my point.

[cluckindan]

Come on. The CIA was Oracle’s first customer.