Julian Dorey Podcast - [VIDEO] - Gray Hat Hacker EXPOSES How Gov Spyware is BRAINWASHING You | Jonathan Scott • 209
Episode Date: May 30, 2024(***TIMESTAMPS in description below) ~Jonathan Scott is a Gray Hat Hacker. He is known for exposing the *real* story behind "Hotel Rwanda" and for his expertise on NSO Group's Mysterious Spyware, "Peg...asus." - BUY Guest’s Books & Films IN MY AMAZON STORE: https://amzn.to/3RPu952 EPISODE LINKS: - Julian Dorey PODCAST MERCH: https://juliandorey.myshopify.com/ - Support our Show on PATREON: https://www.patreon.com/JulianDorey - Join our DISCORD: https://discord.gg/Ajqn5sN6 JONATHON SCOTT’S LINKS: - JONATHON’S YOUTUBE: https://www.youtube.com/c/jonathandata1 JULIAN YT CHANNELS: - SUBSCRIBE to Julian Dorey Clips YT: https://www.youtube.com/@juliandoreyclips - SUBSCRIBE to Julian Dorey Daily YT: https://www.youtube.com/@JulianDoreyDaily - SUBSCRIBE to Best of JDP: https://www.youtube.com/@bestofJDP ***TIMESTAMPS*** 00:00 - Grey Hat Hacker, Pegasus, Bitcoin Controversy Case 😱 12:35 - Amnesty International, Citizen Lab, Pegasus Hack Protocol, Largest Spy Scandal in World 😡 21:32 - Citizen Lab Hacking Identifier, Unraveling the Conspiracy 😶 31:56 - False Positive Data, Deeper Dark Truth 😶🌫️ 41:33 - Fake Data, PHD Scientists Corroborating Case, Death Threats 🔫 50:17 - Jamal Ahmad Khashoggi Case, Political Agenda by Human Rights Orgs (Ford Foundation), Gerald R. Ford 📈 59:30 - Apple & What’s App, Citizen’s Lab “Forensics Expert” 💰 01:08:15 - Hotel Rwanda & Paul Rusesabagina Controversy, His Daughter’s “Infected” Phone 😳 01:19:11 - FBI Sting Operation, Paul Rusesabagina ‘Kidnapped’/ Funding Terrorist, Hotel Rwanda Exposed 😤 01:32:15 - Real Heros of ‘Hotel Rwanda’, Paul Rusesabagina Video, Spy-Ware Impact, Paul Rusesabagina’s Daughter & Powerful Friends❗ 01:47:42 - Human Rights Convention, Pegasus Malware, Spewing Lies 😰 01:57:40 - NSO (Israel Org), Citizen Lab’s Intent, Morocco Case 🫡 02:09:21 - Citizen Lab, Palantir, & Current World Gov. Operations, Espionage Disagreements 🤯 02:20:50 - Spy Ware Conflicts Globally, House Bills, Aerospace UFO/Underwater Phenomenon Interest 😰 02:27:41 - Why Jonathan is Speaking Up, Cancelling/Silencing People, Shocking Discoveries 😳 02:47:21 - Brilliance of Lawyers, Complexity of Spy-Ware Case, Sim Card Issues 😶 02:51:50 - Find Jonathan 👇 CREDITS: - Hosted & Produced by Julian D. Dorey - Intro & Episode Edited by Alessi Allaman: https://www.instagram.com/alessiallaman/ ~ Get $150 Off The Eight Sleep Pod Pro Mattress / Mattress Cover (USING CODE: “JULIANDOREY”): https://eight-sleep.ioym.net/trendifier Julian's Instagram: https://www.instagram.com/julianddorey ~ Music via Artlist.io ~ Julian Dorey Podcast Episode 209 - Jonathan Scott Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
In the movie Hotel Rwanda, he alleges that he, specifically, alleges that he saved, you know,
over 2,000 people. He says with his own words, like, I saved, and his daughter pushes the same
narrative to over 2,000 people. Well, it turns out, he says, I saved these people. And so these
declassified documents came out from the National Archives, in which the, a general from the UNMAR,
UN Peacekeepers, people are frustrated about this film.
All around the world, they're like,
these events are false.
He did not save anyone at the Hotel Mil Colines.
It was the UN Peacekeepers and Congolese Brazzaville
that were helping everyone and taking fire.
And even one of the Congolese Brazzaville Peacekeepers
was blown up right in front of the hotel.
And this man's taking all the credit.
And so this general was so...
General Dallaire.
So he's upset about this.
And he tells...
This is a quote from these declassified top secret documents
were released by the U.S. National Archives in 2014
regarding the Rwandan conflict, the genocide against Tutsi.
And this is an interview with the director of the National Security Archives, Tom Blanton,
and Lieutenant General Romeo Dallarae.
He says, quote, I would like you to acknowledge the role played by those UNAMIR troops who stayed in Rwanda, including the troops from Congo Brazzaville, who were the ones who saved the people at the Hotel Miokolin, not the hotel manager, Paul Rusesabagina.
What's up, guys? not the hotel manager, Paul Rousses of Laguna. expose you you know what i'm saying listen people tend to say some things to you it appears but i gotta tell you john you are the most prepared guest oh we've ever had there's i've said that
now a few times i think you take the cake though there's a can you hand me that fat stack over
there right now this and and you're you're a computer guy you're bringing me printed shit i
love it oh yeah yeah i figured you know just old school fat stack yeah
of white papers here that we're gonna be talking about a lot of these today absolutely you and i
have also been sitting here for a couple hours going through different files on your computer
yeah verifying some things some stuff that is under seal that literally can't be shown on camera
obviously so people are gonna have to go with that but i have checked into some stuff that's going to come up today but dude you you're an interesting guy to say the least you you are in the middle of a
lot of different things here that obviously there's something going off right now even let me
shut that up let's not get yeah but you call yourself a gray hat hacker what does that mean
sure yeah you know this there a, there's a distinction
that in, you know, in the hacker community that you're either a white hat or a black hat with
white means, you know, you're on the good side and black, you're on the legal side, but there's
this middle ground that's people don't generally talk about, which is, you know, the slippery slope, right?
So one of the things that I can say about the gray hat side is that developing exploits for devices, like, and I say developing exploits, like you can sell a way to break into a phone legally, right?
But on a platform called Zerodium, for example.
Yes.
Right? So Zerodium has been around for a long time and they'll pay you half a million dollars
if you can develop a zero day exploit for an iPhone, right? Or an Android.
This is the area that I play in, right? So developing exploits for different companies.
Guys, if you're still watching this video and you haven't yet hit that subscribe button,
please take two seconds and go hit it right now. Thank you.
All these places are saying, oh, we've misidentified these as malicious. It's not
really malicious. But at the same time, there's so many that it was submitted to,
you can't get back to stasis.
What was the other thing too?
You and I were talking about this before camera.
I want to cover this and I want to get to Pegasus.
Yeah.
I think we're there.
We are.
We are.
Yeah.
What was the thing that people were giving you shit about online for being removed from a case?
Yes. So what happened there in this was this this
past year the i was um i was an i was scheduled to be an expert witness in the U.S. Mixing, right? So taking Bitcoin and anonymizing the Bitcoin by putting it through different wallets.
And it's called Bitcoin Fog.
And because...
Discover the exciting action of BetMGM Casino.
Check out a wide variety of table games with a live dealer
or enjoy over 3,000 games to choose from like Cash Eruption, UFC Gold Blitz.
Make instant deposits or same-day withdrawals.
Download the BetMGM Ontario app today.
Visit BetMGM.com for terms and conditions.
19 plus to wager Ontario only.
Please gamble responsibly.
If you have questions or concerns about gambling or someone close to you,
please contact Connex Ontario at 1-866-531-2600 to speak to an advisor free of charge.
BidMGM operates pursuant to an operating agreement
with iGaming Ontario.
Again, I got certified in blockchain forensics analysis
and I was working for a crypto company.
I started writing blockchain code.
I started really understanding how a lot of these systems were working.
And I joined this case as a forensic analyst.
And when I went to DC, it was my time to give testimony. I didn't have a chance to give the testimony because the person that went before
me took a little too long. But while I was in D.C., there was issues with someone stalking me
and posting pictures while I was in D.C. Yes, it's real. And while I was coming back from the courthouse,
someone posted a picture of me with my team
and said, look who I found.
And then they were actually sitting in the courtroom
and this was a real deal.
Where did they post this?
On Twitter, on their Twitter page.
Do we have that tweet?
Oh, actually, yeah.
Keep talking, don't worry about it.
But yeah, so, and strangely, the person that posted this and their cohorts were saying, well, stalking is kind of a slippery slope word or something like that.
It's like they're saying stalking is kind of –
It's more like following closely.
Right?
So – but either way, so that was – I can say it's probably as an intimidation factor.
Like, hey, we know that you're being a part of this case.
Well, what happens actually in these criminal cases if you're going to be testifying is you have a lot of potential expert witnesses, and it's not until the judge decides, hey, you're qualified or you're going to be – you're able to testify.
And there's arguments on both sides why the prosecution's experts are not experts and why the defense's experts are not experts.
It's just normal. But the cybersecurity, more infosec community started spreading
propaganda that I was not qualified. And they were putting misinformation out that saying
that the prosecution said that I was unqualified due to X, Y, Z, which was not the fact.
In fact, in the document, in the final document that says I was withdrawn from this case, it was said I was withdrawn and for the reason that it was sealed.
The reason I was – yeah.
I'm going to editorialize right now too for people listening.
Obviously you can't share why that is or what that is,
but I have reviewed that evidence, and that is exactly what happened.
I'll leave it there.
Yeah, and that's the – yeah, so there's always this –
there's always going to be someone trying to discredit,
but there's a really big – this is where we start getting into – now we get into the Pegasus because it's like, well, he's been removed from this.
He's been removed from this, so he's not credible for this.
And it's just all these kind of nitpicky things.
It's just like, well, it's not the case.
It's not the truth.
So we jump into Pegasus, right?
And let's define it.
We started talking about that at the beginning just a little bit, but let's define it because, I mean, this is the most.
I remember I did a podcast number 70, I guess I was number 71 with Nick Castellucci, 72 with Nick Castellucci.
Check that number actually, Alessi. I'm blanking out right now. 70 was Louisa. 72 was Nick Castellucci. And he, he was a hacker.
He was actually caught up in the Xbox FIFA scandal.
If you remember that from years ago,
which was another whole crazy case.
But we talked a lot in the third hour about Pegasus and NSO and that I had looked at it before and I knew it was some crazy shit,
but I was talking with him off camera after that yeah as well blew my
mind how powerful this is and how controversial it is too because of where it emanates from and
what kinds of geopolitical implications that has but you know for people who want to understand
even just nso which is the company that that built it what do you know about them yeah so uh nso group has
been around for a while right let's just even pegasus can be traced back to uh like at least
2015 you know earliest and um yeah it's it's one of the most um let's just say, one of the most, I would say, in my opinion, one of the most dangerous pieces of surveillance software out there.
But with that said, the reason that these surveillance tools are developed are for a specific purpose, right?
And can they be misused? Absolutely.
But why would we have surveillance tools? And NSO Group's not the only one. You have Intellectual, which is another surveillance company. And you also have American, Paragon is an American surveillance. You have Chinese, iFlyTech – the list can go on of these surveillance tools, and they're meant for governments to monitor criminals or suspects.
And I know. It's meant for that, and this is where we get into that slippery slope area.
Okay. Oh, and probably change.
Oh, change your battery out? Yeah, go ahead. go ahead okay all right we'll be right back all right we're back we got this powered up now yeah it's good to go we're good
all right let's do it so yeah there's a there's a lot of different uh surveillance um technology
companies around the world and again you know peasus is an Israeli-based company.
Totally no controversy around that whatsoever.
There's always controversy. Yeah. But now that we're getting to the Pegasus part,
there is a pre-context that is very important as to, well, why did I get involved with these Pegasus cases?
Why did, you know, where did this come from?
So after the, you know, my bug bounty stuff and all these other things,
and while I was teaching these mobile forensics courses, I was approached by a man named Muhammad Al-Maskadi.
Sounds like a real straight shooter. Right.
And he was the director of a human rights group called the Frontline Defenders. That's not where
I was going with that. So keep going. Well, it does get a little sketchy. Okay. Really does. So you're not too far.
Nice guy, but – so he messaged me and he said, hey, would you mind teaching some of these human rights defenders some mobile forensics?
And he said specifically in these human rights defenders in Middle East, North Africa.
I said, well, absolutely.
Yeah, no problem.
Let me know.
Let's go. So I did. And at the time I was, I'm over here like, yeah, that's, you know, I'm reading
all this research that about the Pegasus and Amnesty International is a, is one of the, the,
the organizations that research is a lot into, into Pegasus and Amnesty International is one of the organizations that researches a lot into Pegasus.
And Amnesty International and the Citizen Lab are the main organizations.
One is an NGO.
Amnesty International is a non-governmental organization.
And then the Citizen Lab is a public policy institute out of Canada, which gets really strange.
Like, why are they involved in this it gets there's a
whole I'll hold off on yeah so um so they're the biggest ones that they confirm Pegasus spyware
cases around the world so they travel around the world um sometimes how do you confirm let's start
with that actually that's an important question how do you confirm I Let's start with that, actually. That's an important question. How do you confirm?
I hand you my phone.
I'll say, okay, Jonathan, I have Pegasus on this phone.
I'm certain of it.
Sure.
I give it to you.
What do you do?
So what I would do was first I would quarantine this device, right? And I would make sure that we're in a, like, call it a clean room,
which and with a Faraday cage and make sure that there's, you know, there's no, you know,
there's no outside, you know, cellular connections. But before that, if you suspected this,
well, we would definitely want to report this. We would want to report this to the
authorities. And because what, if you, if you believe that you're being surveilled,
you're, you're just a normal citizen. Is my phone surveilled if it's off?
I've seen someone say that they were able to pull information maybe back in the day. But right now, there was persistence.
There was a – when I say persistence, meaning if your phone is off,
there was a time when the surveillance technologies could persist.
Maybe there still is technologies.
So when you reboot it, it's still on there.
From research that's honestly just not even credible i the
answer is unclear let's just say that okay it's unclear because these these organizations are
super secretive and then actually capturing actually capturing the malware actually capturing
the spyware it's one of the most challenging things that you can, that you can do, but there are methods in which you can. Yeah. You said you're going to, you put
it in a Faraday cage, put it in a clean room. You call it a clean room. Let's like remove it from
any other, you know, devices around it. Let's, and then we start, we actually have the physical
device in our hands. Are there any computers in this room? Yeah. So we have a computer that's, that's, you know, removed from the internet. Right. Um, and, uh, and then we start
the, um, we start to clone or we attempt to clone your device because we don't want to compromise
the device. How does that work? All right. So this is where it gets a little challenging in the sense
that if you have an iPhone, um, cloning your iPhone is going to be tough without jailbreaking it.
But there are other methods that are able to extract a lot of data, but Androids are going to be a lot easier to clone.
And the purpose of cloning your device is that we don't want to
have any artifacts. We don't want to have any data that can come back and say,
oh, well, this was what affected the device. That's you. You didn't follow a process.
You didn't follow. It's called chain of custody, right? So the chain of custody of the
device is everything is logged. So when you're doing a mobile forensics, imagine like this is
a criminal case. If you're being surveilled, this is an illicit activity because you're just a normal
guy. You're not doing anything wrong. The chain of custody is we reported it. We have a court order.
We have the specialist that's, we have the team, We have the team. We have the quarantine. There's a whole
process to follow. And if you break that chain of custody, you may not even be able to admit this
device as evidence of a crime. That's how important a chain of custody is. It's just like with DNA evidence,
if your chain of custody is broken, right, then you can't submit this if you don't even have a
proper documentation of what happened. So along these lines, this is where the mobile forensics
comes in and understanding the process and what to do if you feel like you're being surveilled.
And so these companies – or it's not companies.
These organizations like Amnesty International or Citizen Lab tool called the MVT tool, which is the Mobile Device Verification Tool.
Yeah, you can pull that up.
It's MVT.
And I noticed that there was – this tool was very, very flawed.
So I started developing my own tool to detect Pegasus because at the time I was like – I loved the research that Amnesty was putting out.
I loved the research that Citizen Lab – and I was promoting their research without just blind, blind. Blind. Blind. Anything Muhammad would send me, he would leave me signal messages. Hey, I'm in Palestine and we found these human rights defenders that are targeted with Pegasus.
And you were just – And I'm like, yeah. Let me retweet that. Yeah, you're right. They are – and then –
It starts to get sketchy because when I saw the tool that they were using to identify the Pegasus infections,
I was like, wait a second. This isn't a forensics tool. This is like, what is this?
What were they using?
So one of the things with this MVT tool is it, the way that they're able to identify a
Pegasus infection is by what's called string matching.
So imagine they're looking at a text dictionary and this dictionary. So if your phone says the word sweater on it and their dictionary says sweater, you're infected.
Oh, it sounds crazy.
That simple.
That simple.
And I'm going to show you. And I did an experiment and i'll and i'll have you i'll have i'll have you pull it up no that's it's not even
a joke that's the dumbest thing i've ever heard on the shit not even not even joking like at all
and i'm going to show you i'm wondering if i'm like picturing that wrong because that's no you're
not you're not at all it's a string matching, like sweater, sweater infected. YouTube, YouTube infected.
Yeah, but that's not – so you're using an example like a hypothetical.
And I'll show you a real.
OK. I'll show you a real.
Yeah, I'll show you a real. So I'm going to send you a – I'm going to send you my GitHub.
So I did an experiment and I asked people to – a blind experiment. I asked for participants.
And –
When did you decide to do this?
So this was in 2000 – this was in 2022 when the Catalan Gate came out, which is – Catalan Gate is this scandal that – the largest spyware scandal in the world stating that 65 people from Spain have been targeted or infected with spyware.
And this was, yeah.
So let me get you this test.
So when you open this up, this is my GitHub repository in which i conducted experiments blind experiments with
i asked for volunteers hey i'm running these ex this experiment to see if i can infect you
with pegasus well obviously i don't have the pegasus software i don't have it but by reading
the software that this amnesty international releasing, it was clear that I could fake my infections and it was evidenced.
So if you scroll down and let's go down to like scroll down more and you'll see like there, right there. So you can see right here that this domain,
one, two, three tramites.com.
Now this is where we go back into like, all right.
So Amnesty and Citizen Lab says,
we found this website, one, two, three tramites.com
to be malicious.
Well, okay.
And how'd you do that? Yeah, how'd you do that?
Yeah, how'd you do that?
And they don't say.
And so I said, wow, so their code basically says if my phone finds one, two, three tramlights
and I run it through their program, it's going to come back as infected.
So if you scroll down, it says setting up the experiment right so I set up the experiment okay for this
experiment we're going to be focusing I'm reading now we're going to be focusing on iOS just as
Citizen Lab did according to their Catalan gate report one I found that the that running the
experiment via docker image was was easiest and did not produce any errors when installing the MVT tool.
I used an excellent repo from Defensive Lab Agency to help with the setup.
Two, open your Safari browser and go to the URL HTTPS. Stop there.
Okay.
All right.
So number two.
So literally what I'm saying is open, take your phone, your iPhone,
and in your Safari browser, go to the website 123tramites.com.
Yeah, that's what I'm saying.
Okay.
You can go ahead.
Okay.
You will get a blank page, but that is okay.
Do not close the browser tab.
It's okay if you switch apps.
Three, make sure you have WhatsApp installed on your mobile device and ensure you have at least one contact on WhatsApp you can message.
Four, we got to talk about WhatsApp. Yeah. Oh, that's wild. This is wild. WhatsApp installed on your mobile device and ensure you have at least one contact on WhatsApp you can message.
Four, we got to talk about WhatsApp.
Yeah.
Oh, that's wild.
This is wild.
Yeah, yeah.
Four, send the following URLs to someone in your WhatsApp contact list.
The URLs being sent via WhatsApp can be found here.
So then you list them all out.
And then steps five to seven instructions are in the step one link.
Five, take an encrypted backup of your mobile phone.
Six, once your backup is completed, decrypt the backup.
Seven, if you follow the instructions in step one, you should have a folder named IOC.
Do the following.
And it says the code. And then eight, next you will run the forensics tool and notice that you have positive results.
False positive.
Sorry, it should say false positive. Well positive positive for pegasus yeah correct positive yeah you said
yeah so if you so if you and then you have the next section called safari safari positive
so basically there's workarounds where if you type in sites that they already have listed on
theirs that could have that that if you just typed it just typed it
in so but that's such a weird site like i've never heard of one two three tramites.com well i bought
it you bought it i bought it what do you mean you bought it i actually bought the domain
but that was that actually like a pegasus host who knows ben you're on it now well but i own it
do you see what I'm saying
because
and this is what's weird
now let's talk about it
because
let's talk about it
because if you run the tool
and
and you go to my website
because I own
1-2-3-Tram-Lights.com
after doing this experiment
after doing this
and you go there
you're still gonna
it's gonna come back
with yep
you're infected with Pegasus come back with yep you're infected
with peg it wait it says you're infected with it literally says it right there it says matching
indicators from pegasus warning warning warning now are there any normal name sites like eapn.com
or something if someone types in espn wrong that are saying this? You're infected with Pegasus? You know what I mean?
Well, so
they have a whole list.
When I say
it's a text list,
it's like hundreds.
It used to be hundreds of thousands
that they whittled down to
thousands. And I say they, Amnesty
Citizen Lab, they whittled this
down to thousands of bad domains
wait what on what basis in what basis exactly so so this is the exact same question that myself
and 120 professors from around the world have been asking amnesty and the Citizen Lab, what is your methodology
to claim that these indicators of compromise, these websites are malicious?
Because this isn't computer science.
You prove nothing.
You have a text list.
And if that text list matches, you're infected.
So I did more experiments.
And what I found, so out of my nine, out of the nine people that I had do this blind experiment, it was like 89% were able to infect themselves.
One person wasn't even able to complete the experiment because they didn't have enough memory on their phone to complete a backup.
So going to the website manually on Safari
and then sending that domain in a WhatsApp message
came back as positive for infection.
And this is what they're using.
But here's the thing when this tool first came out in 2021 there's a tech crunch reporter um whitaker is his name
that he in the same day that this tool came out he he wrote mvt tool came out and we've already
detected false positives.
He wrote this.
Zach Whitaker is his name.
And if you can find the article, it's out there.
Zach Whitaker, false positives, Pegasus.
Exactly.
And it was the same day.
And so they are – I mean the person – an engineer that originally wrote this tool had already written a tool prior called Det d e k d e t k t or something along the line um do you find a second go back so positive exoplanet induced by stellar uh no
go to uh yeah type uh mv so zach whitt Zach Whitaker, MVT tool, false positive.
MVT, false positive.
False positives, yeah.
This tool, 2021?
Yes, yes, exactly.
All right, let's look at that.
This tool tells you if NSO's Pegasus spyware targeted your phone.
All right, scroll down.
Over the weekend, an international consortium of news outlets reported that several
authoritarian governments including mexico morocco and the united arab emirates used spyware developed
by nso group to hack into the phones of thousands of their most vocal critics including journalists
activists politicians and business executives a leaked list of 50 000 phone numbers of potential
surveillance targets was obtained by paris-based journalism non-profit Forbidden Stories and Amnesty International and shared with the reporting
consortium, including the Washington Post and The Guardian. Researchers analyzed the phones of
dozens of victims to confirm that they were targeted by the NSO's Pegasus spyware, which
can access all of your data on a person's phone. The reports also confirm new details of the
government customers themselves, which NSO Group closely guards. Hungary, a member of the government customers themselves which NSO group closely guards Hungary a member of the European Union where privacy from
surveillance is supposed to be a fundamental right for its 500 million
residents is named as an NSO customer the reporting shows for the first time
how many individuals are likely targets of NSO's intrusive device level
surveillance previous reporting had put the number of known victims in the
hundreds or more than a thousand NSso group sharply rejected the claims and so has long said that it doesn't know who its customers
target which it reiterated in a statement to tech crunch on monday researchers at amnesty whose work
was reviewed by the citizen lab at the university of toronto found that nso can deliver pegasus but
the new mitsubishi outlander brings out another side of you. Your regular side listens to classical music.
Your adventurous side rocks out with the dynamic sound Yamaha.
Regular you owns a library card.
Adventurous you owns the road with super all-wheel control.
Regular side, alone time.
Adventurous side journeys together with third row seating.
The new Outlander.
Bring out your adventurous side. Mitsubishi Motors. So you've always been picky about your produce.
But now you find yourself checking every label to make sure it's Canadian.
So be it.
At Sobeys, we always pick guaranteed fresh Canadian produce first.
Restrictions apply. See in-store or online for details.
Sending a victim a link in which when open infects the phone or silently and without any interaction at all through a zero-click exploit, which takes advantage of vulnerabilities in the
iPhone software like a zero day, I guess. Sure, yeah. Citizen Lab researcher Bill Marzak said
in a tweet the NSO zero clicks worked on iOS 14.6, which until today was the most up-to-date version.
Amnesty's researchers showed their work by publishing meticulously detailed technical notes and a toolkit that they said may help others identify if their phones have been targeted by Pegasus.
This might not be the article.
This is before he comes up with the false positive thing, right?
So it actually talks about the traces right here.
Yeah.
So read this.
The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently.
Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones. MVT will let you take an entire iPhone backup or a full system dump if you jailbreak your phone
and feed in for any indicators of compromise,
IOCs known to be used by NSO to deliver Pegasus,
such as domain names used in NSO's infrastructure
that might be sent by text message or email.
If you have an encrypted iPhone backup,
you can also use MVT to decrypt your backup
without having to
make a whole new copy. Alright scroll down. The toolkit works on the
command line so it's not a refined and polished user experience and requires
some basic knowledge of how to navigate the terminal. We got it working in about
10 minutes plus the time to create a fresh backup of an iPhone which you will
want to do if you want to check up to the hour to get the
toolkit ready to scan your phone for signs of pegasus you'll need to feed in amnesty's iocs
which it has on its github page anytime the indicators of compromise file updates okay so
this is this is important part okay right here keep reading so so i'll stop you right here yeah
so when it says you'll need to feed in amnesty's IOCs. These are these indicators. This is the list.
You need to feed in a list of domains,
a list of process, like a text list,
in order to see if these text lists matches what's on your phone.
If you go scroll back up,
just because the biggest scroll up,
scroll up into the image, that right there.
You see where it says warning, right?
It says found a known malicious file
at path see that says software update services d.p list yeah well it turns out that is a false
positive so if we go to you know that if you go to zach whitaker's twitter and actually actually type in MVT tool.
Actually, I'll pull it up for you.
He says false positive.
But this is in this warning and actually in Amnesty's code repository,
they said this is a false positive.
They label it as a false positive.
Yeah, and so I'll bring this up for you.
I'll bring the MSD GitHub up.
And I think it's going to be fair to mention too, while I bring this up,
I stepped back before I came on this podcast and I set my ego aside and I asked someone that's very critical of my work to fact check what I'm going to, some talking points that I'm actually speaking about. And
this is one of the talking points that he actually fact checked. And I'll show you the,
and I'll show you the communications with him because I, meaning he disagreed with what,
no, he agreed that what i'm probably yeah and i'll
show you these communications because it was i definitely put a lot and this is someone that's
very respected but all in the in cyber you know in tech community um but yes so the let me bring
up this um software update services d if we need to pause while I find it.
All right, we'll pause for one sec.
We'll be right back.
All right, we're back.
We were just going through the Wayback Machine trying to find this tweet because his tweets are now protected and none of us follow him.
And you were freaking out because you have literally every single piece of data bookmarked in your life.
But you're forgiven for this.
It's no problem.
Basically, he sent out a tweet on or around the same day, July 19, 2021, when the story came out, which described what?
And we're going to take your word for it.
Sure, sure.
Well, you don't have to take my word for it because in the article that he wrote, if we
can go back to the TechCrunch article for just a second what you're seeing right here
is the output of the MVT tool which is the tool that
is used to identify Pegasus that we were talking about
if you can see right here this it says warning right it says warning on it and
then it says
you know com.apple if you can click off of it
yeah so it says warning com.apple.softwareupdateservicesd.plist.
So this warning, it says it found a known suspicious file, found a known malicious file path to this location.
So if we go back to the tweet here, the author of the software, one of the main authors of this software, acknowledges that this piece of this indicator of compromise or this malicious property list is a false positive.
So we don't – you don't have to take my word for it because it's right in front of you. It says what Zach experienced when he posted that screenshot is a false positive.
He shouldn't have got it.
And so this was posted in a GitHub repository.
So it begs the question –
Why are they doing this?
Right.
And it's international.
These other organizations, why are they so lined up against NSO?
And what is – sure. And Amnesty International, these other organizations, why are they so lined up against NSO? Sure, and what methodology are you using to determine if this device is infected?
And this is a very – this is a common issue with them they acknowledge so we go back to um so we're we're in 2021 at this point when these
when this tool came out in 2021 came this report it's called um it's called the uh
forensics methodology uh to detect pegasus and it was released by Amnesty International and peer reviewed, verified by citizen lab.
Now, can you even call that a peer review?
Exactly. You can't. And, and this is where it gets very tricky.
If we go into my, if, and, and we go into the highlights of my, um,
of my, of my page.
So if you go into the Twitter and you go into the highlights, right, yeah, and highlights,
a couple of things. So scroll down, please, and
we're going to find, go scroll down and it's going to say uncovering
the Citizen Lab, which is the first report which caused the most controversy.
Just keep scrolling down.
And scrolling down almost there there right so click
into it click into do you have this over here yeah can you hand this to me one of
these thick ass white papers yeah this one has questions on this stuff but I
don't want to get you off track yeah this one's 60 pages but so if you click out of it and then you actually go into the thread, right,
you're going to – so yeah.
So scroll down.
So we're going to start to see a couple of things, right?
So this was not just – I was very interested to see –
I wanted to understand the background of the Citizen Lab, more of a background.
And I found things that were very controversial and not mentioned at the time.
So as you can see here, if you can blow up that image.
Yeah, it says one of the quotes that I found and the sources on the, it'll be on a next
tweet, but it's from the Toronto Star.
It says, the Citizen Lab, this is the reporter reporting on the Citizen Lab.
It says, Citizen Lab uses techniques of spies to secretly deploy software it developed that automatically checks for censored websites inside various countries sometimes the lab performs tests remotely taking control of
unprotected computers inside the sensory censoring country without permission this poses an ethical
controversy but debert ron debert the director of the csn lab says it's for the greater good
we don't worry about that so they're okay so this is one of the slippery slope things they are trying
to help so to speak in countries where things are censored, but they are breaking international laws.
Absolutely. So let's go back one and it gets even more deliberate. So let's scroll down to not that one. The next one. Wait, sorry. Go down. Sorry. Sorry. Yeah, down. Right way right um down one or down more
down more sorry right there yes now um let's see
um no go go down okay well this is this is actually good, but let's click out of that. And now let's go back.
Oh, wait, right here.
Okay.
So this is, again, the quote from the Toronto Star.
The lab even has black boxes, mini-sized computers that can be planted discreetly inside these countries to run the tests.
This kind of research is illegal in almost every country we do it in.
Okay.
He specifically says that himself.
It's damning.
And I'm thinking the fact that they're a private organization is what makes this concerning.
Because I can tell you like –
They're part of the university.
Yeah, but rooting for like Team USA, which is not necessarily what this is at all.
Sure.
You know, like if I found out the NSA was doing this to Iranan sign me up baby let's fucking go sure right but this is like a private
yeah organization in the name of human rights right it's a little murky no this this is but
this is what's happening like this is this is like how does this affect pegasus right so so this all
the all falls in line because what what is there what's the motive? You're already doing illegal things first off. You're admitting to doing illegal things. You're putting out software and making claims without any evidence to support your claims you're accusing countries of doing the exact same thing that you
were doing to them like you were what's actually happening what are what are we what are we how
can we believe what you're saying when you admit that you're illicitly deploying software
in breaking international laws and people are just brushing it off.
Because you're the same as them, so to speak, if that's the argument.
And so now we start to get more into it.
So the Catalan gate, which is the document that you have in front of you, is –
This is available online, right?
It's available online.
It's on ResearchGate.
Anyone can download it.
And there's a lot into this.
If we go back up into another one of the highlighted sections that you were on before.
Right there?
Right here.
Certainly this one there.
Okay.
This is a quote from a PhD computer scientist from Turkey who wrote a white paper against the Citizen Lab saying,
you don't have any scientific methodology to accuse us of Turkey of espionage.
You're not providing anything that we can validate, falsify, corroborate.
We can't test anything.
You've accused us of espionage with
with no grounds and he says um specifically that uh you know it you know you you can't accept this
disciplinary research under any circumstances is what he's specifically saying about about citizen
labs um about citizen labs uh research he's PhD computer scientist. And, and this is not
the only one, right? There's another, there's in 2021, a French computer scientist, PhD computer
scientist, uh, Nadim Kobasi. And we can, we can find him if you even just go to my Twitter and you,
um, type in Nadeem,
then you'll actually see screenshots and it's still available. He calls out the Citizen Lab and Amnesty International saying,
this isn't sound science.
You guys have, it's all conjecture.
So yeah, if you search Nadeem, you'll find,
yeah, so do in the search bar type at jonathan data one and and then search within that again you should be able to search within that right
now because yeah and then yeah type nadim n-a-d-i-m n-a-d-I-M. I-M. Yeah. And push enter.
And I cite him in my blog post. Type in Jonathan's name too.
Or actually go to the NSO Through the Veil at the top tab next to the Twitter.
The tab.
Yeah, the next tab over that you have.
So you have top latest
at the very top tab
up up up
up up further
up to where
past the URL bar
ok up here
yes go to the
article
you can close that one out
and see the
NSO through the veil yeah
see the nso through the veil yeah yeah people i'm sorry there's like a lot of directing around here
but there are a fuck ton of links so you're gonna have to understand at home this is a lot of
intricate details close that on the far right there's an x that you can close that side out
yeah we don't need that anymore and then just uh command f and type uh nadim
i think no he's not in no he's not in that one okay who was this guy again so he's a phd computer
scientist from uh france and i will bring it up when my computer gets back charged to see if it's got something um and keep that over here because that's like sure sure sure um then uh what he he refutes he refutes what amnesty international
and citizen lab have have um have released and um this is really important because
now we have on what basis does he refute it there is no scientific way to um they're not using a
scientific methodology when they're present to when they're presenting their their their
what they call evidence that pegasus is infecting all this stuff exactly right and so i'm actually
my computer's up so let me look for this real quick and And I'll – oh, it's dead again. Oh, come on.
Yeah, not having the charger, bro.
I know.
Rookie mistake.
I know, rookie mistake.
Because you have a different type of – by the way,
here's a different type of charger than we do.
Otherwise, we'd give you ours.
So actually go into my Medium article.
See my picture down?
See my picture?
Click there.
And then go into debunking runa sandovich catalan
gate and then type in nadim n-a-d-i-m there we go yes right here yes and you can actually see
i saved the screenshots but you can go to the link itself so if you scroll down you want to
go on the twitter oh you can you can go to the twitter yeah or you can look at yeah sure
let's look at it so he specifically says i decided to give a recent peg uh pegasus coverage the
benefit of the doubt and spent time looking at this and um if you if you actually scroll like
go into the tweet um so uh not picture itself, but go into the thread.
Yeah, so scroll down.
Yeah.
Yeah.
So he starts talking about that this is standard evidence used to make a moderate high confidence attributions.
Scroll down.
Go into the blog post.
I took the screenshot specifically.
That one.
Yes, it says a number of researchers have been pointing out the bankrupt scientific methodology that Citizen Lab have been applying to their forensics reports only to meet with predictable Twitter ad hominems.
So this is a big deal.
He's saying, and which is Dr. Jose Olivas is one of the people that he tags in there, and then Irina Zuckerman is an American human rights lawyer.
They're researchers and trying to understand why these claims are being made.
So Nadeem is saying this scientific methodology is it's bankrupt like there's there's nothing like it has no has nothing no substantial
evidence to make the claim that you're infected with pegasus at all and anyone that challenges
them you get a twitter mob on you you get this i mean they just attack which could be bots
but these are like a lot of these people are, like, death threats.
Oh, yeah.
Yeah, it could half be bots.
It could be, but it's massive.
And it's death threats when they do that.
Yeah, it's massive.
And so now we can see, all right, there's even more, right?
This is a classical, what's it say?
You can actually click on the image, the second image down there.
It's a classical, the ends justify the means scenario.
They exaggerate results. Yep. Force themselves to provide attribution based on tortured pseudo-evidence, all in order to raise awareness but also to satisfy pre-existing political biases and agendas.
I wish that would stop.
Yeah.
Yep.
This is a common problem, and I've run into this on other situations besides this. I look at it across different spectrums of whatever, and there's a thing that happens when people have a core belief on their side as an example i'll use a broad one people should not be killed by their government
for no reason that's just the right thing sure there's no one if you disagree with that then
you're a fucking idiot sure right so then they use that and then anything that you do to question
the means that they are using to justify that ends they say oh well you want them
all dead don't you yeah fuck you yeah absolutely and so that is it appears that is the same hatchet
job which is what it is yeah being used here yeah and this that's the common theme and again And these 120 – now over 120 professors have petitioned the Citizen Lab several times, not one or two, but three times.
They petitioned them to provide evidence of the methodologies they're using because this is affecting countries.
Entire nations are being affected because the claims that Amnesty and Citizen Lab are saying is,
this country spied on these human rights defenders.
Now, let's have resolutions against them.
And so they're going to European Parliament, Catalan Parliament, Spanish Senate,
U.S. House Intelligence Committee, and they're putting all these claims in front of them, all these governing bodies, and saying, we have the evidence that these nations, Morocco, Rwanda, Spain, Hungary, List, Turkey, all these countries are engaging in digital espionage.
Here's the proof.
Wait a second.
You showed us a video before we got on air today it was on your
youtube channel unless you can you pull that one up the one jamal where yes the one about jamal
kashoggi yes this is important youtube channel this was fucking hilarious yeah so jamal kashoggi
for people out there don't remember that story he was the washington post journalist expat from
saudi arabia who was a part of a powerful family there by the way but
he spoke out against mbs and the saudi regime in his journalism and he was executed in the saudi
embassy in the saudi consulate it was consulate or embassy uh i think it was embassy i think
whatever in the saudi something on turkish soil before we play this video. Yeah. And that was back in 2018.
It was blatant.
It was clear Mohammed bin Salman was rumored to have been, and they have good evidence to say he was actually on the TV screen
in the conference room as they killed him.
His body was carried out of there in bags and never seen again,
and pretty much Saudi Arabia got away with it.
So in the aftermath, naturally, people are pissed at Saudi Arabia over what happened here.
Again, let's start with the top here.
Government kills journalist.
Bad.
Very bad.
I completely agree.
But now look at some of the shit they're doing to try to claim it's something else.
Exactly.
All right.
Let's hit this video.
The one truth, Pegasus.
Okay. Let's get some volume on it.
Was also being surveilled.
Is there any doubt in your mind that Mr. Khashoggi was also being surveilled this way?
So it is 100% clear that he received one of these text messages containing a link.
Jamal Khashoggi was targeted as well, was he not?
Both Jamal's wife and his fiance were targeted with Pegasus spyware.
This is not uncommon to see targeting around a person.
In the case of Jamal specifically, we don't have access to a device in order to do that analysis.
Whoa.
Hold on.
So he comes out and he says, yeah, they were definitely, they were totally, it was like a South Park episode.
You said 100%.
They were totally targeted.
They were totally targeted, 100%, man.
I'm telling you.
Yeah.
And then they're like, but we don't have access to his advice.
But they were targeted.
Believe me.
Yeah.
And so the anti-fans said, oh, well, Jonathan clipped that CNN video and he's not even talking about Jamaka.
So he's talking about somebody else.
And I said, well, you know, it's funny because in 2018,
another media outlet actually transcribed that CNN video and said the exact same thing, posted the exact same thing.
And you can't, you can't, what, are you going to say that that,
it's a major Spanish media outlet that posted this and thinking, okay, what – but how is it that you go from 100% positive to – no, we never had the device.
I feel like it's like you should play like the theme for –
Curb Your Enthusiasm.
Curb Your Enthusiasm right after.
Absolutely. Absolutely.
Absolutely.
Because what is going on?
And so, again, common theme.
Now, the Catalan Gate is still ongoing.
There's still – one of the things with the Catalan gate is it turns out one of the people that was spied on
and was a Spanish member of parliament. Well, at the, the end of the end of December,
2000 and 2022, the citizen lab said, Hey guys, we, we messed messed up um this this man was never spied on we confused
his name with somebody else's name and they wrote they wrote a retract they wrote a article you can
actually go to it good for them yeah they and but But he had already for six months and plus, I think eight months, given testimony, I've been spied on.
My life's in shambles.
Well, he was told he had been.
He was told.
Right.
Right?
And he's a member of parliament.
And his testimony was inserted in this human rights abuse draft from this committee, and then they just – let's just remove that.
What is – this is the $10 million question beneath all this that some people are probably wondering right now.
What is the political agenda here?
Why – because you had said before we went on there
there's a political agenda to it why do human rights organizations i i understand why they
care about people being spied on yeah totally get that but if they're cutting all these corners to
claim that this specific company nso yeah is doing it with their product pegasus and let's say behind
the scenes they know that at least in
some level they're probably wrong about some of the cases at least or you know sure i don't think
all of them but maybe they're wrong about most of them why are they so hell-bent on attacking
this company what what is it just because this company has taken whatever clients will pay around
the world for the product which
i don't know if you said that on air like how expensive it is yeah which i think there's a
video that that will for when we get into the rwanda case that we watched yeah this part in
order to understand this part what's the political you know motivation what's the agenda we need to
go back to who's funding them. Who's funding –
Human Rights Watch and Amnesty International?
Yeah.
Well, who's funding Amnesty and Citizen Lab, Human – and it all comes down to an organization, a think tank called the Ford Foundation.
Now, the Ford Foundation is known to –
How do you spell that?
Ford, like Henry Ford.
Okay.
Yeah.
Yeah.
So the Ford Foundation is known to be an anti-Semitic organization.
And I say this with confidence because they were actually – I don't want to say the word sanctioned.
They were fined by the United States Senator Nadler.
Jerry Nadler.
Yeah.
For funding.
They were fined for funding.
And you can find this Jerry Nadler Ford Foundation.
Is it related to Henry Ford?
Oh, yeah.
It's the same company?
It's the same.
Yeah, it's the same company same yeah it's the same
oh he didn't like jews too much exactly exactly so when you look at the people so you get the
ford foundation uh nadler type it like nad anti-semitism oh dude it's just everywhere like
literally everywhere and so nadler said you guys are funding white supremacist groups and we caught you and they're like yeah
i mean a very tired line from him they're like yeah yeah i mean i yeah we are but we won't do
it again i mean we it's fine right and and so then they're like okay well we'll pay the fine
and so we have to go back into the history of like what – well, why – who is funding the anti-Israeli organizations?
Ford.
Ford.
Then we go into who is the MacArthur Foundation.
And one of the things that – so MacArthur Foundation is another foundation.
So think about –
Who's MacArthur? The MacArthur Foundation is like a – I don't think it's – it's not a think tank.
It's a nonprofit organization that gives –
Who's MacArthur?
Who's an investor?
We have to look up.
It's like – it was a – yeah, we have to look up who's MacArthur.
The John D. and Catherine T. MacArthur Foundation is a private foundation that makes grants and impact investments to support nonprofit orgs in approximately 117 countries around the world.
It has an endowment of $7.6 billion and provides approximately $260 million annually in grants and impact investments.
Founders hit John D. MacArthur.
Yeah, good call.
So go back to my –
Who is this guy?
American – whenever you see the word magnet, bro.
Magnet, you're done.
That's it.
All right, hit Wikipedia.
John Donald MacArthur was an American insurance magnate,
real estate investor, and philanthropist
who established...
He died in 78.
Sounds like a...
Yeah.
Okay.
So if you go back to my Twitter
and go back to the highlights...
Died in West Palm Beach.
A rich man.
Okay.
Okay.
Go back to my highlights.
On your actual page?
In my page, yeah.
Okay.
And then scroll down and you'll see.
What date are we looking at?
You'll see there's not too many highlights.
MacArthur.
Scroll down.
Right there, right there.
Okay.
Click on that image.
There we go.
Okay.
Now, check this out
ever feel like your wordpress site is moving in slow motion switch to kinsta's managed hosting for wordpress and watch it fly host your site on google cloud's fastest servers with worldwide data
centers so your pages load instantly need help word WordPress experts respond in under two minutes and will migrate to
your site for free. Try it yourself. First month free at Kinsta.com. That's K-I-N-S-T-A dot com.
Kinsta. Simply better hosting. Ever feel like your WordPress site is moving in slow motion?
Switch to Kinsta's managed hosting for WordPress and watch it fly.
Host your site on Google Cloud's fastest servers with worldwide data centers so your pages load instantly. Need help? WordPress experts respond in under two minutes and will migrate to your
site for free. Try it yourself. First month free at kinsta.com. That's K-I-N-S-T-A dot com. Kinsta, simply better hosting.
If you were claiming to be the peer reviewer of a methodology, but you're funded by the same –
Yes.
Yeah.
You get it?
Yeah.
Follow the money.
100%.
Follow the money. And the thing is this.
So my colleague, Dr. Jose Olivas, who is a professor at the London School of Economics, by the way.
Shit school.
Horrible.
He hates it.
Yeah, amazing researcher and professor.
He's petitioned the Citizen Lab and all these other entities to say
who who's funding you who is funding you how how is this like why is this you know why are you not
disclosing this now let's get into apple whatsapp all right so there are things that we do know
apple and whatsapp are two separate things. Oh, they are.
But they're still tied to all of this.
iOS.
Well, they're tied to this issue, let's call it.
Now, one of the things that Apple does is they'll send you a text message to say,
hey, you know what?
We know that your phone is being spied on what the hell wait really i'm not joking go to google and type in apple threat notifications
so apple's sending you a text message and saying we we know that you're spot so get them the fuck
out wait apple wait but i'm thinking wait hold on yeah apple's
threat notifications you can click on one and these in these you know alert state sponsors
state sponsored attackers may be targeting your eyes is real can you imagine like yeah janet the
secretary getting this like what the fuck what just happened am i being phished and so and you
go to like one of the pop-ups because it comes up in a pop-up you can see it like one of the other images um like of the actual phone or like these are the messages
yeah exactly so so people are posting us on i'm being attacked by pegasus and and no one's asking
well how did apple know hey guys if you have a second please be sure to share this episode around
on social media and with your friends whether whether it's Reddit, Instagram, Facebook, Twitter, doesn't matter. It's all a huge help. It gets new eyeballs on the show, and it allows us to grow and survive.
So thank you to all of you who have already been doing that, and thank you to all of you who are going to do so now.
How would they – well, could they know what the software is so but i guess people say well we
allow we signed the agreement that says apple can monitor anything that we do so what of course
they're gonna hold on wait a second no one's asking that question why is Apple monitoring my device for this?
Well, there was an initiative that came about in which Apple partnered with the Citizen Lab, of course,
and their partner with Ford Foundation.
And Apple said, here's $10 million to help us find pegasus on iphones
and one of the questions so the catalan gate is a very very uh particular case because
there was a member of european parliament called named jáñaz, who sent a request for information to Ron Deibert, the director of the Citizen Lab, which, by the way, in 2001 is when the Citizen Lab started.
The organization that started the Citizen Lab, funded it, was the Ford Foundation.
Of course. and lab funded it was the ford foundation of course so and so this member of european parliament
sends the director a list of questions and says have you ever worked with apple before you have
made all of these claims and he says no we've never worked with apple but in fact they had
worked with apple and apple had and have you ever been funded by them? Have you ever been given anything? And it's very explicit in which Apple says, yeah, we're working with the Citizen Lab and we're offering them security resources, threat researchers. We're giving them our people. But they said, no, we've never done that before.
Now, we go back into the Catalan gate.
Now, this is one of the things about the cybersecurity industry
and InfoSec specifically that is very troubling.
My specialty, as I mentioned,
it's very, very niche.
I'm not going to do things
that I don't know how to do or claim.
But if you brought in another cybersecurity expert,
they say, oh yeah, I'm going to speak on anything
because I'm in cybersecurity.
Wait, hold on.
You can't just speak on anything.
You don't have the training.
You don't have the expertise. And the reason I mentioned this is one of the people involved in the Cattle and Gain, this is so silly, this is unbelievable, was a man that his name is Elias, he said he was a high-ranking telegram officer.
And, well, it turns out he never worked for telegram.
And the Citizen Lab decided to hire him as a forensics expert,
in which he's never done this before.
So he was one of the people that was he's a charlatan but they elias campo is his name and there's articles about it telegram spokesman
came out and said never worked no he was like an like a intern or something of this sort but
was never like a high ranking like no shit yeah and but
they put this guy on you know under oath and was like did you perform these forensics analysis
i guess he performed some what did he perform what what is it that he performed on these devices how
would he know what he's looking at like who who is you know who is super where did he get his
training where did he go to college where did he get his his is super, where did he get his training? Where did he go to college? Where did he get his master's? Where did he get his doctorate, right? And this is important because there was a member of European Parliament that had tweeted at me at one point and said, we are not going to accept you as an expert witness in European Parliament until you finish your doctorate. Once you finish
your doctorate, then we'll consider. But I'm thinking, how does Elias Campo get to perform
forensic analysis and speak in front of the entire European Parliament and speak in front
of Catalan Parliament and give his expert testimony? And these are the troubling things
because this is a common theme
where the people watching this podcast
are going to say,
Jonathan's a fraud.
He's this and this and this.
And no one ever asks them,
what do you do?
What is your specialty?
Well, it doesn't matter.
Well, these are very important.
These are very important things.
And as it pertains,
because the ultimate
issue, again, is that entire countries are being affected by these false accusations
of human rights abuses. And I say this with confidence, because now I'm going to jump into what happens. What is the consequence of reporting these Pegasus infections while knowing that you have false positives in your report? very clear you are on trial for murder and the prosecution is withholding evidence that could
exonerate you because they found false positives in your dna sample so you go to jail for 10 years
until finally someone figures out wait the, the prosecution withheld this.
And you've heard of cases like this before, right?
Oh, yeah.
Oh, yeah.
And this is exactly what's happening within European Parliament, right, in the case of Rwanda and Morocco specifically.
The Rwanda thing, we're going to talk about that.
It's nuts.
If you've seen the movie Hotel Rwanda, you're right in the middle of it.
Absolutely.
So we'll jump into the Rwanda piece right now well finish this point yeah well
that's it so it's all tying together okay so in the case of of Kareem Kanemba
which is a Rwandan Belgian American that is alleged she alleged to be infected with pegasus many times but who is she she is the
adopted daughter of paul russessa bagina who is the don cheetle main main character of hotel
rwanda played by don cheetle oh i was on his page his w Wikipedia about – this was probably two years ago because I love that movie.
I've seen it several times and I forget like some rabbit hole happened.
I'm like, oh, I wonder what that guy is up to.
And I started reading it and I was like, holy fuck, bro.
So before you even get into the story of him during the Rwanda genocide in 94 with again if you haven't seen the movie hotel
rwanda it is a great movie it turns out some of its fiction but yeah you know he was this guy who
owned a hotel while the while the hutus were massacring the tootsies and the way the story
goes is he had all these tootsies and moderate Hutus put up at his hotel and basically saved their
lives and was this hero but when I was reading his Wikipedia there was this whole thing where
there was an FBI sting he had been living in San Antonio where you're from ironically
and had been deported back to fucking Rwanda and he was sitting in Rwandan prison I was like, oh my god. So what happened here?
So all of this that sounds just wild ties together.
So the case of – the Rwandan case is heavily based around this man, Paul Rusesabagina, again, the main character of this film. And his adoptive daughter, Kareem Kanemba says, I have been infected with Pegasus
one week. She said this claims like one week after her father was allegedly kidnapped
from Texas to Kigali, Rwanda. With the FBI's help, which is why they put that in there. Well, the Rwandan government
set up a sting operation, and I'll walk you through the exact events that happened. But
this part is important because this happened in 2020. The alleged infection of her phone, the first alleged infection of her phone,
happened one week after his kidnapping in 2020.
She never tells House Intelligence Committee about this.
She tells a reporter that this actually happened.
And then she says she destroyed that device.
Yes.
She says she destroyed that device. Yes. She says she destroyed that device.
But the Citizen Lab was the one that actually helped her determine that she was being spied on.
You showed me a video, though.
Oh, yeah.
That was her third.
In reality, that's her third device.
And this is where it gets really, really shady.
Because she never tells anyone about the first device.
The only way I found out about it was through interviews that she gave in 2020.
2021 is when she says her second device is infected.
Now, how does this all tie into Paul Rose's beginning?
I'm going to give you a little backstory on when his daughter says she specifically that he was kidnapped from San Antonio through Dubai to Kigali.
Right.
False.
Absolutely false.
Even reporters have called this out.
American reporters have said this is not a kidnapping.
This is a sting operation.
And why would they do a sting operation?
Well. Yeah. And how do you differentiate the two in this context absolutely well what happened was
over time when uh you know after the uh the genocide against the tutsi had occurred the
he was this hotel manager paul russes bagina, had these radical ideals and left Rwanda, went to Belgium.
And then when this movie Hotel Rwanda came out in 2004 –
Yeah, exactly.
Ten years after.
Right.
He received this Presidential Medal of Freedom.
Damn it, W.
Yeah, right?
No homework.
And so he – at this time, he had made friends with Senator Kruger, who was an ambassador.
I believe it was to Burundi.
And this – so they made friends.
So this is why he moved to San Antonio because the Krugers lived in San Antonio.
Is that Diane Kruger or did I make that up?
I think you're right. Diane Kruger. Yeah. Pretty sure crew yeah pretty sure around in my head pretty sure diane kruger yeah
and so they which is actually now like um they're they're related in the sense that it was uh it's
his wife's paul russes begin his uh wife's godmother is diane kruger it's interesting
dynamic but either way they became became very, very close.
That one?
Maybe not.
See, I did make that up.
That's the hot actress.
Wait, go to Senator Kruger.
Type in Senator Kruger's wife.
Yeah, Senator Kruger's wife.
I thought her name sounded right.
Let's see.
Hold on.
Liz Kruger, a member of the New York State Senate?
Kathleen.
Kathleen Kruger.
Kathleen Tobin?
Well, I think it's probably her name.
It used to be Kruger?
It used to be Kruger.
Yeah.
Yeah, Kathleen.
That's her name.
Bob Kruger was married to former Kathleen Tobin of Bandera, Texas, who co-authored the book From Bloodshed to Hope in Burundi.
Okay, yeah, that's her.
Right, that's her.
And so they became very close.
Now, he started up this,
he, as in Paul Rusesabagina,
started the Hotel Rwanda Rusesabagina Foundation
where they would shadily intake money,
which is, there's a whole thing with that.
Is that that report over there?
Yeah, absolutely.
Give me that report. I mean absolutely i mean that report and look at that
thick sucker so so he starts gaining all this international fame as starts speaking engagements
etc etc and well he becomes the president of this political organization that,
let's say, meshed or not meshed.
They essentially came to, how do I say it? They formed – his political organization and a militia, an armed militia group came together and they were called the FLN.
Now, and this is –
He's operating on San Antonio.
He's operating on San Antonio.
This sounds a lot like Frank Amadeo.
So he's funding this militia, this armed militia group called the FLN.
Because he don't like Kagame.
Because he doesn't like Paul Kagame.
He's in charge of Rwanda.
Right.
And so he's speaking out against Kagame.
And he even says, I'm going to run for president of Rwanda.
From San Antonio.
From San Antonio.
That'll go well.
Kruger said, wow, this is great. Let's do a press release.
And everyone's like, wait, you can't. First off, the
bylaws in Rwanda say that you actually have to live here to be actually running.
But at this point, the FBI
gets involved because Rwanda sends a request for information about the – western union transfers that he's sending from a supermarket
to this to this general or sorry this major god damn it and and they're like yeah sure so the fbi
and this is stamped documents from the fbi and then uh and, and they're like, okay, great. Well, let me, let me go. So
they said, well, let me ask the Belgian intelligence and Belgian police to now investigate the other
people that are helping him in Belgium, like write this terrorist manifestos. And so, yeah, so fast forward.
Ends up that his funding of terrorism kills nine Rwandans and his armed militia.
You can find this.
You can see the FLN.
Quick question.
Yeah.
I have to ask this.
Yeah.
There's a dangerous quote that floats around yeah i think you know what i'm
going to say sure but it goes one man's terrorist and is another man's freedom fighter okay
certainly a lot of situations where it does not apply yeah is there anything to support the idea
that what he was funding was actually truly trying to fight against say
tyrannical objectives of kagame well no because these people were on a bus and they opened fire
oh on a bus so there's nothing they were on your christian they yeah they were unarmed that's bad
right yeah it's very very bad like they like burned to death they were
like shot to death they were unarmed civilians like going about their day and this they they
died and this was a big deal obviously because well well what? So there's investigations in this, and obviously they trace it back to, yes, this was – the FLN websites that are promoting this violent actions in order
to maintain dominance in Rwanda so that they can build up a larger militia and overthrow
President Kagame. It's just wild and just absolutely wild. So the sting operation was executed and President Kagame said it was
flawless is what he said. He said it was flawless. So what they did was because Rusesabagina
had a contact in Burundi. He was a preacher. And he said, hey, Ruseswagina, we're going to meet with our people in Burundi, which is a country right below Rwanda.
And we're going to meet with our people and discuss our next event or attack or whatever and whatnot.
And he says, yeah, sure.
And this is during COVID, uh, 2020. So he flies from San
Antonio to Qatar, then, uh, takes a rest in a hotel in Qatar for a little bit, then jumps on
a private plane. What, um, what kind of a preacher in Burundi do you think would have a private jet
but he didn't think anything of it because that's just his name isn't schmol ostein
that's yes like this is how he rolls like this i mean you're talking about like yeah i got my
i'm gonna recess i'm gonna pick you up on my private jet real quick in qatar so he's like all right yeah and then he so when he wakes up he's not in
burundi he's in kigali and you've got you know intelligence you know and and officers like
arresting him and then you know taking him to to prison and he's like i've been kidnapped
wait hold on you were you were tricked this. Wait, hold on. You were tricked.
This is what a sting operation is.
You were tricked.
And this minister admits in court, yes, I was part of the sting operation.
So he says it under oath.
He's like, I was part of the sting operation.
I did this because he got immunity.
That's how it goes.
That's how it goes. That's how it goes.
That's how it goes.
And so the argument then from his daughter's side is he was kidnapped.
So what does she do?
She goes to Kathleen Kruger. She goes to the senators from Texas, the Democrats, and says, my father has been kidnapped.
He's a human rights advocate. It's illegal detention.
They're not feeding him. They're not giving him – they're putting him – he has a heart condition. Did she have any contact with him? Was she allowed to contact him at all?
Before she was allowed to contact with him, I wrote in my report that she said,
she said, it's somewhere in the beginning, it's that she says, we, we know, we know that he's being mistreated. We know that he's not being given. And she might be right. But like to say,
we know without knowing. Absolutely. And so, so she of this information out to media and it's a storm, right?
He's been kidnapped.
Well, it turns out that media starts retracting and saying, well, we can't really say he's been kidnapped because there's evidence that he's funding terrorism.
And we have a lot of proof that he's been funding terrorists and these nine people died and it's a
whole the fbi's involved like that all these documents are showing that your father is like
not not he's not this you know on that note you want to talk about what you uncovered about
his history during the war oh absolutely because this is right in that vein so we should cover that right now and again this is important in the report that i wrote because
i had to understand the history of paul recessa baghina now in the movie hotel rwanda um he
alleges that he that he he specifically alleges that he saved you know over 2 000 people that
many uh yes what he says.
He says with his own words, like I saved – and his daughter pushes the same narrative to over 2,000 people.
Well, it turns out – and he says, I saved all of these people in the hotel room.
That's the quote from the – oh, yeah.
Keep going.
I'm right on it.
Yeah.
So he says, I saved these people.
And so these declassified documents came out from the National Archives in which the – a general from the UNMAR, this is the United – UN Peacekeepers.
People are frustrated about this film.
All around the world, they're like, these events are false.
He did not save anyone at the Hotel Mille Collines.
It was the UN peacekeepers and Congolese Brazzaville peacekeepers that were helping everyone and taking fire.
And even one of the Congolese Brazzaville peacekeepers was blown up right in front of the hotel.
And this man is taking all the credit.
And so this general was –
General Dallaire.
Yes.
Who's Nick Nolte in the movie.
Yes, exactly.
So he's upset about this and he tells – and if you want to read specifically –
You want me to read the Q&A back and forth?
Is that what you want?
I think there's a part where it explicitly states that Rusesab Bagheena did not, and it's probably an italics.
Here, you go take a look.
Yeah, it's definitely an italics.
But there's a back and forth because this guy was upset how he was portrayed in the movie.
Absolutely.
Because he was portrayed – I mean he was in the right role.
He was a UN peacekeeper, a general.
He was from Canada, right?
I think. keeper a general who's from canada right i think and and so he was upset though because the movie
made him a part of this plot that like this recessive bikini was the guy who was this
benevolent hotel owner who was who saved all these people when in reality and i think you
have it right there yeah right here yep yeah so exactly so this this is a quote from these
declassified these declassified top secretsecret documents were released by the US National Archives in 2014 regarding the Rwandan conflict, the genocide of the National Security Archives, Tom Blanton, and Lieutenant
General Romeo Dallarae. He was a force commander of the United Nations Assistance Mission for
Rwanda. He says, quote, I would like you to acknowledge the role played by those UNAMIR
troops who stayed in Rwanda, including the troops from Congo Brazzaville, who were the ones who saved the people at the Hotel Mille Collines, not the hotel manager, Paul Rusesabagina.
I mean…
Now, is this one man's word against another man's though?
No. This is the word of many other people. And so I thought I need to actually have more sources. Like I need to have more people to corroborate this.
So journalists even are corroborating this.
You found journalists?
Absolutely.
Who are they?
I can read this for you.
Please.
Right.
So one of the journalists specifically says – let's see.
This is another – okay. So one of the journalists is writing in a communication.
A communication?
A communication wire back to the US.
His name was redacted, but it does have the records in – that can – it literally says redacted in here, but okay. It says, so the UNAMIR continued its efforts
to evacuate people caught between the lines
and evacuated 246 people from the Hotel Mucullin
and 290 from the stadium in Kigali yesterday.
The situation in Kigali was tense
and there was exchange of heavy artillery fire yesterday.
Some government forces had been seen moving south, but there was no significant changes in positions.
The militia was still maintaining roadblocks in the government-held areas.
The RPF advances continued, and they had been reported as having taken control of the portions of important roads.
And it gives the names of these roads.
Otherwise, there was no change in positions and other parts of the cleanings.
One UNAMIR officer, a single lease, had been killed today
when the vehicle was traveling between the Hotel Mil-Coleens and UNAMIR.
UNAMIR headquarters was hit by a mortar bomb.
So there were reporters that stayed at the Hotel Mil Colline during all of this – during these battles.
Can I put on a tinfoil hat for a minute?
Go for it.
Kagame is a bad guy, right?
The guy who's running Rwanda.
He's objectively not too good, right?
I would disagree with that.
You would?
Absolutely.
Okay. Play with my hypothetical for a minute. Let's say he's not the best. Go for it. Okay. Yeah. Let's go.
Yeah.
Even if he actually was fine.
Sure.
Let's say that he's the leader of a small country. There's financial interests or whatever.
Yeah. that you know he's the leader of a small country there's financial interests or whatever yeah and there are powerful structures around the world who have a financial interest in this guy having power
okay could they be poisoning stuff like this just like they poison other stuff meaning could they be
poisoning sources to say oh it was actually this way versus that way to take the little poor hotel owner out.
Okay.
I'm just playing a hypothetical.
Yeah, the hypothetical.
That's good though, right?
It's good to think about – we have to think about the other side.
Could this be a ruse?
Could this be just – right?
The challenge is this, that I thought I was – before I looked into this entire case and I started getting
really deep into it, I had never seen that movie Hotel Rwanda before until I started
researching this specific spyware case. I didn't know all of these, I didn't know the other side.
I was thinking, wow, this is horrible. This't this man is a hero etc etc that's what i
thought right so i started asking scholars like phd scholars um a genocide you know you know
genocide against the tutsi scholars you know i started asking academics for information, more information where I could find the other side.
Were there people saying that he's not a hero?
Because there was so much information saying he's a hero.
What about the other side, that he's not a hero? Hotel Milcolin, in which they said, this man that said saved us was charging us to stay there,
or we were going to be kicked out of the hotel. And this was a common theme. And I thought,
you know what, maybe they're just trying to discredit him, right? Maybe because they're
too close to the situation, and they're Tootsie. Maybe they're trying to discredit him until I found an American journalist named Maggie Rooley who went to Rwanda, went to Kigali.
Later, like later on.
And this may all be right.
Yeah, and the's a saying that in the late 2010s, again, it's in a report, and Maggie decides to interview people because she also had heard these stories of people that say that he was not a hero.
Now, she went in and she started asking people, did he charge you?
And they said yes. And and then she asked well what
was your experience so she didn't ask did he charge you then and so she started asking different
questions and the same narrative kept coming from the people that were there he charged
for people to stay in a hotel or they were going to be removed and sent out.
Yeah, so he's confident.
And this was – and in an interview in – he was speaking in Kenya, Rwanda,
which is the language of Rwanda, Kenya, Rwanda.
He admits that, yes, he charged people.
He admits it in an actual interview that he charged people.
And these kinds of things are being pushed aside by the narrative, by the people that want to believe that he was a hero and that he saved these people.
Imagine this.
Imagine that these American soldiers, imagine American soldiers, if the audience can understand this,
American soldiers are not given the credit for actually saving the lives
of these 2,000 people
and they're actually saying,
you know what,
this guy that ran the Hilton
actually saved everyone.
Come on, bro.
Yeah.
Did you shed blood?
It's a great movie.
It's a great fictional movie, bro. Yeah. Did you shed blood? It's a great movie. It's a great fictional movie, dude.
It's a great fictional movie.
And to that end, he does admit in another interview in Kenya, Rwanda, that this movie is fiction.
He does.
He says it with his own words.
Now, wait, wait, wait. Is that out of context where he's saying there's parts of it that they used fictional Hollywood license for?
Or is he saying the movie in general is fiction?
Likely in general.
I would say – I would go that likely in general because obviously these events did not happen in which he says he saved there were there were likely events that were um you know maybe could be uh you know
could be true but in general go back go back let's see for a sec go go down top video this one yeah
yes real life hotel rwanda so he's real so released. Oh, he was released. Oh, yeah.
He ended up... So this happened last...
Yeah, this happened last year.
He was released.
Paul Rustesa Bagina, the activist who's...
Is he an American now?
Oh, he's back in San Antonio, chilling.
...was freed from prison...
Oh, yeah.
...in the capital Kigali, Nazareth.
Oh, I didn't know that.
Oh, man.
...the latest chapter in a Hollywood tale-turned-criminal trial.
There will be no rescue.
We must shame them into sending help.
The 2004 film dramatized how, a decade earlier,
Rusesabagina, himself a Hutu,
saved more than a thousand Tutsis
from murderous Hutu gangs during the Rwandan genocide.
Paul Kagame, now president,
was initially lauded for stopping the genocide.
But three decades on and still clinging to power,
he stands accused of human rights abuses
and Rusesabagina was one of his vocal critics.
The time has come for us to use any means possible
to bring about change in Rwanda.
As all political means. you can see right up there
the top right it says fln so this was one of the speeches in which in which he admits that hey it's
time to take that violent action and overthrow president kagame this is a real this is real
footage in which they're reporting. Thankfully, they're reporting that
this is the other side. But yeah, this is what I was talking about, the FLN. Go ahead.
That statement was used against him in court. He was accused of being part of an armed group
trying to overthrow the government. But how did he arrive in Rwanda in 2020? Because by then,
he was a Belgian
citizen with permanent residency in the United States. He was effectively kidnapped. He thought
he was flying to Burundi from Dubai. Instead, he ended up in handcuffs and then the docks
found guilty of terror offenses. It was aimed at Hutus who live in Rwanda. She hates me.
Because they had come to see Rusesabagina as a champion.
Who was bravely denouncing Paul Kagame's government.
And when he was lured and snatched and then sentenced to 25 years in prison,
it's felt to them, look, I can get you.
But internationally, this was all declared a show trial.
And ever since, the Americans have pushed for his release.
And recently, Kagame said he was willing to move on the issue.
So let's pause right here for a second.
So this is, so, you know, prisoners are granted clemency, right, at the end of a term um you know for in the u.s right it's
the same thing that happens over there so they're misrepresenting like when they're let out ahead
sometimes right yeah there's like hey you you can go you know like like like lil wayne was like
pardoned by well that's a pardon that's different different. Right, the same thing. This is like the same, like, you're, they pardoned Rusesabagina.
Oh, he pardoned them?
Yeah, and a whole bunch of other people because it's that time of the year.
Wait, but that's a, he, Kagame pardoned them, cleared his record.
I mean, that's what happened.
Okay.
Yeah, that's what happened.
There is work going on about it.
Why has the Rwandan government released him now?
So I think it's by sheer dint of repetition.
You know, every single time that Antony Blinken met Kagame,
he brought this issue up.
Every single time that U.S. congressmen were having encounters
with either the Rwandan embassy or members of the Rwandan government,
they would ask about Rusesabagina.
And I think it's had a drip, drip, drip effect.
So in the end, I think Kagame must have thought,
I'm making myself a lot of enemies in Washington.
And that's not a good enemy to have.
But if they felt Washington's ire,
the Rwandans haven't been given the cold shoulder by London,
with Home Secretary
Suella Braverman visiting the country recently as part of her government's plans to send
migrants there.
On behalf of the UK government, we are absolutely delighted and excited that our people of Rwanda
are safe.
There's a complete disparity. And I know that in Washington, they're really puzzled by what they see as this
very strange position being taken by Rishi Sunak and by his ministers. The Rwandan government today
said Rusesabagina's sentence had been commuted, but his conviction still stands. Okay, so they
didn't pardon him. He's expected to fly back to the United States in the coming days. I stand
corrected. Yeah, commuted him. Yeah, there. There you go. Well, earlier I spoke to Yolanda Mercola, a spokesperson for the Republican government.
So, yeah, thanks for the correction.
Yeah.
Yeah.
So I think what's important to understand is that this, how is this related to the spyware?
Yes.
Now we're bringing it.
Right.
So now we kind of understand who this guy is what he's accused of
and all this and all this so his daughter has powerful friends we're talking like senators
we're talking about like congressmen we're talking about like the people that were actually lobbying
for for him to be released and And they constantly press and press and press
and speaking around the world that he's kidnapped, et cetera, et cetera. And so she used this
kidnapping of a hero and fused it with her own situation where she alleged she was spied on. Now, she spoke in front of U.S. House Intelligence Committee.
And I spoke to Kareem personally.
Oh, you spoke to his daughter.
How did that happen?
Yeah, well, I just messaged her on Twitter.
You go in DMs with her?
Yeah, DMs, and I posted all the DMs too.
Did you ever talk with her on the phone or anything?
No, she gave me her phone number, and we didn't talk on the phone,
but I don't think that she – after my report,
I don't think she would ever want to.
But what we did discuss before she blocked me and whatnot
was she gave me her, her forensics report.
This forensics report was not a forensics report. It was,
it was this, it was this methodology,
the same methodology that was published in 2021 that gave the false positive results based and was the basis of this MVT tool. That's what's her report. Think, let me, let me be more clear.
Her forensics report included 50 plus other people,
people's forensics report. So how,
how is this your forensics report?
If 50 plus other people are also in here and you're giving me this and it's like a signed official,
like for, this is not, this is a sham. This is not a, this is not what you do. This is not a
forensics report. It's like a, it's a blog post in a PDF. Seriously. This is what it, what it came
down to. And so when she presented this, this forensics report to the US House Intelligence Committee,
one thing that stood out was she alleged her espionage occurred in a February of 2021
that she was confirmed to be spied on February 2021 by Amnesty International.
Well, the forensics report, another forensics report was released by the Belgian government
in which they alleged to have done forensics analysis on our device.
That device's operating system was, had, there was no way that that operating system could have
ever been released in February of that year. How do you know that?
Well, we can actually bring this up and um because this is
very we bring it up so if we go to my twitter and um actually let me see if my computer has a little
bit of charge so i can do it faster but um i actually got to go to the bathroom so we'll
pull this up we'll be right back yeah all right we We got it? Yeah, we're good. Yeah, we got it. So the timeline of events are very important to analyze.
So the official testimony given to House Intelligence Committee stated that the initial infection, which we understand is not the first infection.
It's now the second, but she's claiming it's the first.
Because the first phone was destroyed in 2020.
She destroyed it.
She destroyed it.
And she said she –
A week after the –
A week after they kidnapped her father, allegedly kidnapped him, right? But now she's coming to House Intelligence Committee and saying,
well, Amnesty International and the Citizen Lab confirmed that I was infected with Pegasus spyware
February of 2021. Well, she presents a document saying she had an iPhone X running iOS 14.6.
And this was confirmed.
And she gives the, says in the document,
iPhone X running 14.6.
Well, 14.6 was not released until May 24th, 2021.
Oh, so it's just wrong.
Now, is there a mistake there in her reporting
that she meant to say 14.4 or something?
No, and this is in many places. This meant to say 14.4 or something? No, that's, and that's, this is in
many places. This is in many places. This is in, this is in a report from the Belgian intelligence,
the same 14.6. This is in her forensic report, 14.6. And she was in it to be clear. You said
this already. She was an adopted daughter, but she was a, she was a girl who had been at the hotel? Is that what it was? Yeah, so her and her sister were – they're adopted because her parents were –
Killed.
Were unfortunately killed during the genocide against the Tutsis.
So Rosessa Bagheena adopted her.
Yeah, I believe it was one of – their family members, I think maybe either his wife's or his –
I think it was his wife's family members
where those were his daughters. Those were her daughter, like his wife's sister's daughters that
they adopted. Right. So they were, they were family. Oh, they were family. They were family.
Okay. Yeah. So, so yeah. But again, so it's not possible now, now here's the scenarios again,
and this is where we jump into the video that the
clip that I had had sent you. And this is where we come into saying, all right, if you're alleging
that this operating system version is the one that was infected, you've created a cool indoor
retreat. Now let mighty pine provide the quiet and energy efficient comfort you can depend on
with a range of
innovative cooling solutions like the Carrier Infinity Heat Pump that delivers premium home
heating and cooling performance.
Learn more at MightyPineHVAC.com.
You make it a home.
Let Mighty Pine make it more comfortable.
Rebates, incentives, and financing are available for a limited time.
Mighty Pine and Carrier.
Turn to the experts.
Discover the exciting action of BetMGM Casino.
Check out a wide variety of table games with a live dealer
or enjoy over 3,000 games to choose from like Cash Eruption, UFC Gold Blitz.
Make instant deposits or same-day withdrawals.
Download the BetMGM Ontario app today.
Visit BetMGM.com for terms and conditions.
19 plus to wager ontario only please
gamble responsibly if you have questions or concerns about gambling or someone close to you
please contact connex ontario at 1-866-531-2600 to speak to an advisor free of charge betmgm
operates pursuant to an operating agreement with iGaming ontario well first there's no chain of
custody so like we talked about there was no. You didn't stop the usage. It means you gave the device back to, if you found the spyware in February,
you gave the device back to Kareem, which, in fact, is what Citizen Lab and Amnesty do.
They don't ever quarantine the devices.
Here's your device.
And they don't, in fact, they don't.
Which is totally.
It's normal.
It's normal to just, here's your phone back that's infected with a now and the thing is is that all right so they give it back and so now what are we
looking at what are we analyzing if you've been if you updated if you updated your operating system
what are you looking what are you finding if you found it in if you found it in february well it just doesn't make sense well this is a
again a common theme in which the citizen lab in amnesty specifically is what the citizen lab
director says we don't even need the phone to do forensics analysis he told in an interview with
with a spanish newspaper el pais he says it would not even be useful to us to have the phone to do forensics analysis he told he in an interview with with a spanish newspaper
el país he says it would not even be useful to us to have the phone those were his words
it would not even be useful for us to have the phone and it makes no sense but this he he's
quoted saying that in this interview with el paísais. And all of us scientists are saying you absolutely need it.
And they are only relying on iCloud backups in order to determine that your phone is infected.
And then so –
And she's claiming it's up to three phones or something at this point that have been affected?
Now, when I – if we can play this, this small clip.
Yeah, can you airdrop that again?
Because you airdropped it to me and I don't have it.
Sure.
But airdrop that to Alessi.
So this was what we were watching earlier.
Yeah, hopefully I can still hear you. argument is that if you had so if you or i figured out right now or believed that our phone was
infected by pegasus the argument is that it well if it's got pegasus then it can hear everything
we're doing it can track everything we're doing it's in all of our data yeah so you turn that
fucker off and send it into the lab to get you know faraday cage all that shit whatever or you destroy it
i guess that would help too right yeah i mean they're still in there i mean you could destroy
it you could i mean the best thing to do would be just destroy it right right and now they're
not in there if it's destroyed yeah they can't get another right cloud okay just get another one so
in this clip she's carrying it around and it
allegedly has Pegasus on it
and this happens frequently
frequently with her
she in
yeah is your airdrop on?
yeah
yeah it's
weird it didn't I'm going to try again
as a little post edit guys
if there's some jumping
today in the edit it's because there there's all kinds of files and all kinds of different links
and stuff that jonathan's been pulling up all day i want to make it as good of an experience for you
guys as possible but what i like about john is he likes every fucking thing cited absolutely which
is great and like if you don't believe me, read his reports right here, which are fucking nuts.
Thank you, McKayla.
So let's pause here for just one second.
I just want to give a kind of pre-context.
This is the Oslo Freedom Forum in which – so Corrine is giving her testimony. And this is before her father was released. And she's speaking at this human rights
convention. And then she's also speaking about her experience being infected with Pegasus. And
the speaker right now is the master of ceremonies for the Oslo Freedom Forum.
This is the guy, right?
Yeah, the guy.
It's 2022, so we can go forward.
Okay.
Yeah.
Here because we have to make an announcement, and the announcement is somewhat terrifying.
Some of you may be aware that there is a company operating out of the state of Israel called NSO. And it focuses on creating software that is sold primarily to
intelligence agencies, including dictatorships. They are the people that are responsible for
the Pegasus virus. The Pegasus virus is a software that all they need is your telephone number.
With your telephone number, without you clicking a link,
without you receiving anything, just with your telephone number.
True information.
They can take absolute control of a cell phone.
They know everything that you have access to.
If your phone has Pegasus, they have access to it.
True.
They know who you call, where you are.
They can turn the phone on at any time.
They know everything that's happening. They turn the phone on at any time. They know everything that's happening.
They can turn it on at any time.
And as part of the interactive exhibits, the booths downstairs, Citizen Lab, an organization that works out of Canada and has been a pioneer and on the front lines of protecting activists and securing privacy, they have a booth downstairs we have offered this booth to members
of our community where you can go and in a matter of minutes they can tell you if you have pegasus
on your phone that's where i was it's possible to any pause one second he said in a matter of
minutes we can tell if you have pegasus on your phone. We have a booth. And then the next part
is what's really concerning. Now, understanding he's not a tech expert. He's speaking as a layman
in his interpretation. So I'm going to kind of give him the benefit of the doubt,
but let's continue for the next piece.
Anything they can inform you just by looking through some things if you have Pegasus.
And there are two people in the Oslo Freedom Forum community that in the past 24 hours have been diagnosed as having Pegasus.
Now, Pegasus costs a dictatorship about a million dollars per license.
So it's a million dollar cyber weapon.
And sadly, her phone was found to have pegasus yesterday it's active right now
did you have your phone yes and this is the second phone actually that's infected last year amnesty
international conducted forensics analysis on my belgian phone and discovered that i had the
software and this yesterday just yesterday we learned that my U.S. phone also currently has the spyware, which means that Paul Kagame is listening to us right now.
You want to talk to him?
Hold on.
That woman sitting on the right.
That's wrong.
That's wrong.
That's Michaela wrong.
If you notice her face.
What a name.
Yeah, I know, right? if you notice her face if yeah
i know right if you notice her face if you go back yeah she's like oh this is silly like this
is like she even knows what's about to happen is just absolutely you know okay yeah let's go for it
the applause was not for you, Paul Kagame.
The applause was for the fact that despite all of this,
you have a sense of humor about this.
Paul, we'd like to send you the love that your father never gave you,
and we hope that you can find and come to some peace
and stop the activities that you're doing.
That said, we will be removing Pegasus from this phone.
Okay.
Let's pause and not callbert downey jr here what's the so can you even at that point like when he says
we're going to remove it they're like talking into this device or whatever so is he taking it
somewhere real after this and actually pretending to remove it no is because after this she goes to
another conference with the exact same phone case and the exact same phone,
and she takes it out of her pocket in the same manner,
and she gives the same song and dance.
My phone is infected right after this.
She goes into another conference and says the same thing.
She does the same thing in European Parliament.
She takes out her phone in European Parliament and says, my phone is infected.
And I'm just like, what is this?
Like, is this, what is this?
Like, is this real or is this a joke?
Right?
Because you're alleging illicit activity in which you have now tampered with evidence and you're still presenting this
to governing bodies around the world and you're making a mockery and saying hey do you think
though that she could have so many of these people in her ears saying yo it's fine that you have that
it's not good but like we got you like listen we're gonna do this we're gonna bring it out we
have to show people what this is and she wants to get her dad out of prison at this point do you think like she's being used
here because i i think that's very plausible that could be if she's i'd be upset if my dad was in
prison but i mean so so this comes down to right like do you have a moral compass because what's
happening right what's happening is that the that the effects of this are real.
And I say this because the European Parliament passed a motion of resolution that was passed, there were false positives in the data that was presented to House Intel, European Parliament, that were never presented, ever presented. Ever presented. So that's withholding information. So one of the things that I posted and I wrote about in this white paper is when they went to House Intel, when I say they, Citizen Lab and Kanemba went to House Intel, they signed a document that said under the penalty of this criminal USC code, withholding information is a crime, etc.
Knowingly withholding information that there were false positives within her forensics report.
This is where it gets interesting because if you exit out of this and go back to my highlights,
I'm going to show you, I created a graphic that shows what actually happens if you go out of this and go back to my highlights, I'm going to show you. I created a graphic that shows what actually happens.
If you go out of here and go to my highlights.
Yeah, just click on my page.
Yeah.
And there's a graphics with circles.
It shouldn't be too far.
Oh, yeah, we were passing that.
Right there, right there.
Click on that image.
All right.
So this is the timeline.
Right.
This specific indicator of a compromise, which is this diagnostics.
Remember, everything is a string.
Everything is a text.
If you have this piece of text in there, you're infected.
If you find this piece of text, and I'm going to show you another experiment that I did
and that I wrote about to even further show that this is nonsense.
February to June, she's infected.
Then in July of 2021, part of the month, she's infected with this and not infected with this.
Not with diagnostic?
Yeah, so diagnostic.
Imagine just a piece of text, like a text that was found in the phone.
Oh, okay.
So they changed the results.
So July 2021, she's infected and not infected.
And then August, September, October, she's not infected.
But then now in November, she's infected.
And the reason I say this is because in these – Amnesty and CitizenLamb couldn't make up their minds.
They wrote in the code repository false positive then they write back and say oh we oops we messed up it's not a false positive
come on guys come on you're but during the time during this time that she was not infected
she was in european parliament and at this time there was a motion of
resolution passed against rwanda at this time when she was not infected it was passed and this data
was never released and never presented at all okay so i think we have the core of that specific
example sure covered a lot and we've already talked a little bit about the implications here.
You talked about the MacArthur Foundation, the Ford Foundation funding things like it was Amnesty International in that case?
Yeah.
Okay.
NSO being an Israeli organization, and obviously this is all pre-October 7, 2023, all the stuff we're looking at.
So this is all pre-October 7, 2023, all the stuff we're looking at. So this is long before that.
Is there – is this anti-Israel or is it anti, again, top-line thing?
We don't like people being spied on, so anything that's creating that that we're going to go against yeah so this is this this has
a history that goes all the way back to 2012 and this is where the case the the final case that i
want to mention is the case of morocco okay back in 2012 amnesty and the Citizen Lab had it out for Morocco. And I say had it out in which
they accused Morocco of espionage. I mean, there's just lists, lists of blogs and documents that
they posted stating Morocco is spying on human rights defenders.
Morocco is violating human rights with not even NSO, with Italian spyware, right?
With all kinds of different spyware.
And, well, it turns out that one of the people that was alleged to be spied on
is a man named Omar Rady.
Well, Omar Rady is another man that's in prison for rape and for – yeah, he's in prison for rape and for some – I can't remember what the other crime was.
But you can – yeah can you can find that but uh and my document's the first one that comes up
but uh but the uh so he's in prison for for yeah for these crimes and amnesty international and
the citizen lab are saying this man is a target of a human rights abuse you need to release him your allegations of rape are false your allegate
like like and and like people like wait a second and the woman's like what i was
it's happened to me like what is going on and they're saying like he he's he's a human rights
defender he's a journalist like he he's being targeted by the Moroccan government. So in my research, I found it unfathomable that an organization or an NGO like Amnesty could spend so much time targeting Morocco.
And my results are very clear.
I'm going to show you.
So there's two white papers that I wrote on this.
And specifically, I have charts that show the percentage of this, the basis of all of this,
the basis of all of these accusations come from, again, one report by Amnesty International that's – again, this is the document the Koreans sent me.
It's all the same.
It's one document. And I posted this graphic on my Twitter, but essentially what I'm showing you is that it's all the people, Amnesty and Citizen Lab, they're all connected.
They all worked on the same report.
They validated their – it's circular validation.
University of Toronto Munk School, Citizen Lab, Amnesty International. Basically, I'm looking at a...
And look at the board of directors for Amnesty International is also employed by the citizen
lab. I mean, it's a circular movement here, all validating themselves. it's it's it's you know there's no way that
we can be peer-reviewed now the next part when in this report now there's
graphs and it shows you can flip the pages to the graphs until you find them
and you actually if you go to my highlights if you go to my highlights, the graphs will show. So you're seeing it in the report.
I'm holding in a big question for you, but I don't want to ruin your flow with the case.
No worries.
So you scroll down, and let's go to the Omar Rady.
You'll see it's called Pseudoscience is the title.
It's a big red cover page. Right there. Right there. So click into it. Sorry. Yeah. And scroll down. So this is the graphic that I was showing if you want to click on that. shows that, all right, if Citizen Lab validated this forensics methodology report, let's look at
actually who's working with who. And you can see the Citizen Lab and Amnesty International,
Toronto School, like everyone is, it's just, again, the circular validation, who is on the
board of directors. And this is one of the professors of the Munk School.
And all of this is outlined in this report.
But let's go back.
And so we go to a few of the graphs.
Scroll down a little bit more.
Right.
So let's look at if we see here.
2021 Amnesty released forensic methodology report.
This is the one I'm talking about.
It says 52% of the forensic report focused on Morocco.
Nine of 17 sections focused on Morocco.
Scroll down to the next one.
Right here, we say 100% of the appendix B and C traces were from Morocco, even though the report briefly mentions France, India, Rwanda, UAE, Hungary.
So you think it's targeted?
100%.
100% targeted.
Without a doubt, and I prove this, and someone tried to debunk me.
Who?
Runa Sandvik, the former IT director of the New York Times.
Have you ever had contact?
Is that a man or a woman?
She's a woman.
Have you ever had contact with her?
Lots of contact.
We've spoken on the phone.
We've done video.
Is it cordial?
No. done video we've cordial no we we well we're we're professional we're professional but it
sometimes sometimes but but the point is is that this report and i go into very deep this is these
are very detailed i i go through lines of code i i the very technical reports that are targeting morocco and have been targeting morocco since 2012
in which one of the citizen labs researchers who was a another person accused of rape and
removed from the citizen lab due to this rape misconduct um explicitly states false information, false attribution that the Moroccan government has
been spying on XYZ human rights defenders with no proof to point, no methodology.
Now, I want to show one piece.
If we go back to my highlights, and this is kind of the piece that I think can make
a lot more sense. We go back in the highlights. One, yeah, one back. Scroll up, scroll up,
um, scroll up, up, up, right down, right, right there. Okay. Now, this, what you're seeing here is a timeline that was presented in this document.
Now, two sets of data for the exact same event and two different times to the exact second.
So how did the murder happen at two different times.
So people make the argument and say,
yeah, you can see that,
you can see, look at the timestamps.
They're like, they're two hours apart,
but they're- They're a sick fuck.
You know what I'm saying?
Like, and so no, who's not-
You missed your calling, my guy.
Yeah, like nobody, yeah.
I gotta call Jim DiIorio.
He'd hire you.
Hey, we got two different time
stamps one didn't do it we didn't do this that's that's no he was a high level okay gotcha yeah
well you know what i'm saying like we didn't do this yeah so so what which one do we pick guys
you see what i'm saying and they're presenting this and so and and this and amnesty
saying yep here's the evidence they're saying here's the evidence that um that morocco spied
on this rapist and morocco's like no wait what wouldn't me wait what are you kidding me and so
they they they send a a letter to Amnesty International.
One of the heads of the government said, show me your methodologies.
We're a government organization.
You're an NGO.
You're accusing us.
Present us this proof or we're going to sue you.
They didn't respond.
So Morocco sues these organizations.
And as far as I know, there's still some litigations happening but the the issue here is like well which one do we choose guys when did the uh when did this
event happen are we just going to what do we do because you see what i'm saying this is not science
what are the things that have been definitively traced back to NSO? Nothing.
No, not from what we've looked at.
Not from what we've looked at.
Okay.
From other things that are labelable.
Make up a word there, I think.
Sure, sure.
Is that a real word?
Yes.
Labelable?
No.
But what things are labably bad, meaning like did Xi Jinping pay them for Pegasus and take out a bunch of enemies?
There were instances when NSO group conceded that their software was used illicitly there were instances rare that I believe it was I
think it was early early or late 2010s but there's there's documentation of
them saying yes we've actually identified that one of our clients they
don't say who their client is that's one of the things that they specifically
right right so but they do say that That's one of the things that they specifically – right? Yeah, it's confidential.
Right.
But they do say that they identified one of their clients was misusing their software.
Yes.
Again, we don't have the information to know which client it was, but they said that they've handled the situation and they've revoked the licenses.
Okay?
How much of it is also though they don't't ask don't tell on a lot of things
sure yeah sure but but it's a messy space it is a very messy space like what what so what's
happening is that these organizations are saying let's just remove all surveillance technology
now hold on because remember when we said – when I showed you that Citizen Lab admits that they're doing illegal things.
Well, they want to remove all surveillance technologies, but yet they worked with Palantir.
Yeah, I was just going – you took the words out of my mouth.
And they –
That's Peter Thiel's joint that works with the CIA.
Absolutely.
So you're picking and choosing which spyware firm are you going to be working with and which one is better for your agenda.
Does Palantir have anything like Pegasus?
No.
That we know of?
Not that we know of publicly, but they are considered a surveillance technology of course
firm absolutely and you know this is um they've actually donated they've donated to citizen lab
they've i mean there's documentation of this i mean so what oh yeah absolutely. So they're funding. Yeah, absolutely. They're funding the enemy to take, oh my god.
Absolutely.
And this is public.
This is public.
And even on their Twitters, they're like, hey, we're meeting.
They say, guess who's coming over to the Citizen Lab house today?
Palantir.
That is sketchy as fuck. The director of the Citizen Lab calls Palantir the darling of cybersecurity or something.
Those are his words, like the darling of XYZ.
And I'm just like, come on, guys.
Like what is going on?
And this is in one of his books.
Alessi, can you Google something real quick?
I'm just thinking of this off the top of my head.
Connection between NSO and Black Cube.
Two words, Black Cube.
I want to see if there's something here.
I've never looked at this, so we're going to find out.
All right, let's click that first one
Israeli operatives Black Cube Israeli spy firm reportedly targeted researchers probing hacks of dissidents Black Cube which aided Harvey Weinstein targeted six people connected to
lawsuits against the Israeli hacking firm NSO group say new reports before i read any of this black cube is a arguably the greatest
private intelligence company in in the world as far as like handling smash and grab things
on the ground it's run by all former shin bet and massad like geniuses from from their days on that
so it says the controversial tel aviv based
intelligence company black cube dispatched a flock of covert operatives to probe researchers
lawyers and a journalist researching the israeli cyber weapons firm nso group according to a report
on israel's channel 12 both companies have so far denied any role in the operation which involved
private spies attempting to goad people into making racist and anti-israel remarks and reveal
sensitive information provocations that one operative tried in a botched attempt in new
york last month spies have targeted at least six people in north america and europe who are
connected to ongoing lawsuits against nso group according to the separate report on monday by the
associated press channel 12's report which aired on saturday in israel included hidden camera
footage of two of nso's critics meeting the undercover operatives.
The TV report criticized the lawsuit against NSO claiming a smear campaign against the company.
Okay, I'll stop it there.
So I ask that because Israel tends to be the best at a lot of these jobs. Sure. And so when companies that are tied to them are in this, they get a lot of ire.
I think there's ways to see that both ways.
On a separate note, obviously there's a whole war going on right now.
I'm pretty grossed out by pretty much everything happening there.
I would like to see that end.
I think there's – obviously Hamas is very bad.
I think the Israeli government has taken it way too far. It's kind of – some of it's horrible.
But it becomes this hot-button issue because it's them. And so Black Cube, But it does seem like there's these weird espionage-related wars that go on.
I know like when I talk with Andy Bustamante –
Usually – actually, we should talk about this on camera.
We've always had this conversation off camera. Kind of like layman's outer underground espionage disagreement even between
you know intel agencies that are labeled friends none of them are friends they all spy on each
other right there's no friends in in that type of community there's only like fake friends so
you know i wonder sometimes about and and you laying out these cases about these organizations
that we've been dealing with
today which are all private organizations some of the dark money and stuff like that could be
coming from different agencies around the world who may in particularly have an issue with massad
and some of their tactics on their soil which could be totally fair but then it's playing out
where there's real world victims and and lies that can happen too which i guess i mean that's
the world so in some ways cynically i'm like okay well that's how it goes sure but is that
fair to say possibly well i mean that it's possible i think that it's a possible scenario
but i think that you know if we look at this as well this is just how the world goes, I think we need to consider that the implications of continuing to present these cases without science that is verifiable, falsifiable, etc., is – again, it's damaging. passed against Rwanda. It was passed against Morocco because this man, Omar Rady, was the
center of focus in this European Parliament resolution against Morocco. They said,
Morocco spied on this man, Omar Rady, and violated his human rights. We're going to pass a resolution
against Morocco. And they did. But no one showed them the pick a date right no one showed and and said but that's
what i'm saying is it's possible what you're saying there could be some you know underground
or like strife that's happening but but ultimately the who's being affected by this are the people i
want to say the people like innocent people of these countries because what happens after resolutions is sanctions.
Even in the case of Kanemba, one of the Texas congressmen said –
Kagame?
No.
One of the Texas congressmen – in the Kanemba case when she was testifying in US House Intelligence.
Oh, right, right, right.
Sorry.
Kind of flipped back.
Sorry, sorry.
It was Joaquin costro
he's he's a yeah texas congressman yeah he said you know we might consider just now uh sanctions
against rwanda and uh you know removing their their their funding and aid which and it's like
what the heck and she specifically states we give she said we give them so much money. She said, we? And this is the part that I need to address as well.
She says, and they used so much of it to spy on me.
Allegedly.
Allegedly, right.
Now, here's what is very important to know.
It could be a last talking point, honestly, but one thing that we've heard is that – and we know it could be true, it could not be true based on different events.
But U.S. phone numbers, plus one phone numbers, cannot be targeted with Pegasus.
Okay?
So you don't know this?
Nope. okay so you didn't you've not you don't know this yeah okay so so this is kind of an agreement that
the israeli government and the united states have that plus one phone numbers cannot be targeted
with pegasus an agreement an agreement but of course right but then again of course the fbi
was found to have pegasus so it's kind of like wait wait so maybe there's different versions
now but this this part this part is where it gets very tricky so this is back to kareem kanemba's
case she's testifying in house intel and saying i was targeted with pegasus and the and the one of the congressmen or women says well this is funny because we're
told that uh you know plus you know Americans they're Americans cannot be targeted with Pegasus
well this is the conflation her Pegasus doesn't care what uh nationality are. It's a software. So when she presented this espionage case,
her Belgian phone number was the one that was presented to the House Intelligence Committee.
And she even says it in the video, my American phone, my Belgian phone. And she said it in the
video that we watched. She presented her Belgian phone and they conflated the issue saying an American was spied on.
When does the software care what your nationality is?
But if they knew who they were targeting, then it is an American.
Like as an example, my buddy Nico, he's a Greek dual citizen.
I don't think he has this anymore, but he used to have like a Greek number when he was over there.
If he were getting targeted, if they decide we're going to target, Nico Karolidis has been on the show.
But they would know who he is, so then they're like, okay, what's his number? Plus four, four four you know oh okay greek number but they know he's an american so it's just a semantic or am i looking at this wrong
no it it's definitely semantic but the software doesn't care what nationality the soft the
software is agnostic it doesn't you know of of your nationality it cares about which – what country code are you entering in at first, right?
So to make the case that an American was targeted is not – it doesn't follow the logic of the software.
You see what I'm saying?
It's the phone number.
This is the phone number.
But the congresspeople conflated this issue and said – and in order to make a claim –
I understand.
You see what I'm saying?
Yeah.
Which I think one part we didn't talk about was what was at the end of that bill.
Remember we were talking about that earlier, the aerial phenomena, the underwater –
Oh, shit.
What did that say?
Okay, yeah.
So we can –
Yeah.
Yeah, yeah, yeah yeah so we
knew the tinfoil had to come out so i know i was like hold on let's let's go back let's go back
um and uh this was this was um cool sorry yeah this was very strange which report was this
where did you find this yeah so this is actually the very beginning of – this is the very beginning of my spyware Kareem Kanemba Rwanda case.
And so it's actually the second paragraph.
It says, so Kanemba was invited to give testimony in a hearing before the U.S. House Intelligence to serve as support for house bill hr 8367 the purpose of this house bill is as follows to authorize appropriations
for fiscal year 2023 easy keep going etc uh and so for a total amount uh 2000 total amount of 1.18
billion what they toss in there in the footnotes
oh yes so so this is me in the footnotes no no i mean like what did they toss oh yeah yeah okay
yeah yeah so so you have footnotes right of course of course of course so they're saying
oh we're going to use part of this money to develop um open source intelligence tools that
monitor china and russia and then they say the bill includes
a section of other matters which
calls for the documentation and disclosure
of all unidentified
aerospace undersea phenomena since
1950s
they just
slide that little bat boy right underneath there
like oh yeah we got this
look at this girl who was spied on
it's so innocent. It's so –
By the way, underwater technology for aliens?
Are you ready to just toss that one in there, will you?
Thanks, Ted Cruz.
Appreciate it.
Yeah, exactly.
So this is like page 597 through like 623 out of like 1,097.
And it's like – it's crazy because it's super detailed.
Like if you actually go to the link, it's like, wait, that's a lot of detail that you want.
Like wait – and you just snuck that into this bill.
Have you ever seen –
That's wild.
This is – I'm just remembering a recent one.
It's not that recent, but there's one image popping into my head, and I know a bunch of other senators and congressmen from both parties have done tweets like this over time but i remember one maybe last year of ran paul okay where he took
a picture and he had a stack it was a bill right and he said this was just put on my desk 20 minutes
ago uh-huh it has a vote in two hours wow yeah if you think i'm reading this but i'm expected
but i'm expected to go vote on it this happens all the you think i'm reading this but i'm expected but i'm expected
to go vote on it this happens all the time that's crazy right and so i always wonder what it would
be like to be a fly on the wall in all those congressional staffers rooms when they're sitting
there with like how do we sell pizza on a saturday night just like oh yeah let's get the alien part
in there footnote number 547 like what the fuck yeah and when i and who who taps on their shoulder
get like is it boostamante going in there like listen man you're gonna put that alien thing in
there you understand me the oreos holding the gun to their head yeah brains of the signature yeah
and i'd be like why did i read that entire bill that's what I like asked myself. And then I was like, Oh yeah. I'm like,
come on.
And people were waiting for my report.
I had like,
I had so many people.
They're like,
I know.
And,
and like people were like,
like Jonathan,
where's the report on that?
I guess I got to finish reading this bill.
And then I'm like,
but this is really crazy.
This is really crazy.
So,
but yeah,
if you,
if you look at the report and you go to
the footnote, you know, and then you go to the actual, it's like, they want to know everything
about this unidentified aerospace undersea phenomenon. They, they, they, they go to details
like this funding is going to go for like this specific, like, uh, UAPs underwater that have
been like captured even they, they say like, oh, like oh it's oh yeah you should go to the
bill if you if you're interested it's like we know that there have been they it says in essentially
like we know that there have been captured um phenomena unidentified phenomena and we want to
know all about those captured but like whoa remind me to send this bill to jesse michaels before yeah super wild super wild like just sneak it in there that's
nuts man yeah what what makes you do all this i mean i'm i'm blown away like like you're like you
were people didn't see today but there were i don't know what alessi like three different times
where we had to stop for like it was at least 20 minutes each time where you are anally going
through and making sure literally that the line of the source is correct, which I appreciate a ton.
And I'm like, all right, you can believe it.
But like what makes you do all this stuff and put these reports together that are so dense and like incredible?
Like I wish you were like a fucking senator or something like we'd actually get something done in this country you know that i i didn't want to stand for this anymore
right like apparently and i know it's and this is not i mean there's there's even more these are the
core ones there's there's smaller ones maybe 10 12 pages right but these are – yeah, it's – what happened with my lawsuit, one of the things that really sparked all of this was this forensics expert was looking through a laptop that my business partner had stolen and said, well, can't find anything.
Can't find your code.
Can't find anything.
And he presented that to the courts the and and then i made a
counter argument saying what this guy's like what he presented is false i even cited everything and
the court system was like yeah whatever that doesn't matter this guy's right and uh i'm thinking
this happens to so many people right this like these false forensics report happens to me.
And so when I saw and I was involved in these cases, even speaking with Amnesty International themselves, and they asked me for help.
And when they asked me for help, I realized, wow, they don't know what they're doing.
And this is something that is very troubling because it's affecting people's
lives. There was a case, I believe, somewhere in the Netherlands in which several people were
falsely imprisoned due to false evidence of, forensics evidence for pinging on cell phone
towers and say that they weren't at this crime
scene when they weren't. And then finally, the forensics evidence was reviewed and they were
like, oh, you guys can go free with, but they lost so much time. This is not right. Like this,
there is, this has to be, this issue needs to be raised. Scientists around the world need to step up. And yes, it's going to be
tough because battling these people, it ruins, it can ruin your life. I was dismissed from my PhD
program for writing my first, the first report. You're in a different one now?
Yeah. That's a different one.
It's a different one. The one I showed you. I was removed from my PhD program because this former IT director of New York Times contacted my school, my university, wrote a letter to them along with another individual and stated that I was conducting human experiments without permission and I was not listening to peers.
It's a very strange thing.
I wrote an entire blog about it and showed how all of this transpired to the extent that the university said, okay, we reviewed everything and we don't find you in violation of anything.
You can continue your dissertation, your PhD dissertation.
That wasn't satisfying to this group of people.
And so they persisted and messaged the university again
to the extent that the final straw or what actually had me dismissed was I got an email from the IRB, the review board director for the school, saying a tweet that I had sent to a PhD computer scientist was in violation of their code of, and therefore I'm going to be removed. And I said, wait, what?
Why is this tweet in violation?
I wasn't cursing.
I wasn't being vulgar.
I said to the effect, bro, if I was your student, I would see past the smoke and mirrors in which you're putting up because this this man's a phd computer scientist from like
you know stanford something like that just attacking me for publishing one of these reports
and it was not hostile to him again never cursed at him nothing and i i begged the university please
tell me why this tweet is in violation of of any code of conduct and they would not respond and i
posted all my communications with them in a blog post
and ultimately they removed me from the university.
And international media wrote about this.
What year was this again?
This was 2022.
But the same year I got into another program
and this year is when I graduate with my doctorate
at the end of this year.
But yeah, it's been a rough ride going.
Publishing this is...
When did you publish all these in 2023?
2022, 2023, and then I have several coming out this year.
I was going to say, that was my next question.
They take a long time.
And again, I co-authored, I actually co-authored this one
with a PhD computer scientist from Spain.
This one's called Catalongate.
Yeah.
Catalongate Vectors, an Analysis of WhatsApp's Impact on Citizen Privacy
and Amnesty International.
Oh, after you've done this part, we're going to talk about WhatsApp.
Oh, yeah.
So this is very important.
So this one is –
Let's go right to it.
Sure.
Let's go right into it.
So this one I co-authored with Dr. Gregorio Martin from Spanish computer scientist, professor.
And what we discovered was insane. Like this, the idea that people were infected with,
by way of WhatsApp is not unplausible, right?
WhatsApp is known to have vulnerabilities
in which you can exploit.
But WhatsApp notified all of these victims that they were infected with Pegasus.
I mean, guess who was right beside WhatsApp?
The Citizen Lab.
And so they joined up together and said, oh, I'll call them.
I'll call these guys.
But no one ever thought to ask, wait a second,
WhatsApp is an end-to-end encrypted application. How did you monitor my messages and then now you're telling me I'm infected?
It's the same with Apple.
How are you monitoring my encrypted messaging and telling me?
So one of the things that I found was, okay,
if you're saying that these infections are true, let's do another experiment.
And this one was probably one of the most damning because if you turn Wi-Fi on on your phone or you turn it off, you get different infection results.
These are use cases. These are test cases. These are things that you
set out if you're a real scientist and you're trying to think of every possibility that you can.
You can't ever think about everything, right? There's always nuances to things. But
you, one thing about mobile forensics is the output of the data is an exact science.
The methodology is not.
The output of the data is an exact science, which means what you have – the methodology you've executed will give you the exact result based off of the methodology that you've executed.
That is an exact science, the data output.
Now, if you turn Wi-Fi on when you're checking your device for Pegasus,
you get one result.
Turn it off, you get another.
And nobody thought to think of that.
And what we also found is that we could forge.
We could just, again right so again you're injecting everything and and we we spent a lot of time reanalyzing and discussing and trying to
think like are we wrong like are we wrong to be thinking this way because but we're not we're not. We're not wrong to be presenting the possibility of an error, right? We are looking for the truth. We want to, if we had the methodology that we could corroborate, that would be amazing. If this would be released. But it's being, again, presented without this um without this evidence so the whatsapp um whatsapp lawsuit
there's a whatsapp lawsuit which is you know meta and there's the apple lawsuit against nso group
both going on at the same time and what's being presented wait wait wait apple's suing nso
apple suing nso meta's suing nso okay right right yeah and so they're in a they're in a like
a legal mess right and but again who are the people that are actually look the court systems
are not going to understand any of this right how do you present this evidence in a way that can
that's the hard part yeah and and that's the toughest part about the
legal system is they don't understand any of this they're going then they're rather in my opinion
they probably rather believe meta or apple to say that this is what happened and they're not going
to go into technical detail they're they're i mean their forensic scientists are the Citizen Lab and Amnesty. Now, the head researcher of the Citizen Lab, he did his thesis on like I think his master's or like on housing development.
Reliable.
Super reliable.
And I'm just like that's great yeah spyware researcher
you know and yeah you're testifying go testify yeah you're good no no you got to do that that's
all you baby yeah he guilty well that's you raise a good point you know and and that's – you raise a good point and that's where the lawyers in spaces like this, complicated spaces who are the best.
I'm talking the top, usually like New York or Palo Alto, LA type lawyers. $10,000 an hour, whatever it is, because they can go in and mix things up and simplify things towards their sides of the case that then complicates it for the jury and makes them trustworthy.
You know what I mean?
It's like mixing up a salad and saying, you're going to like this.
Don't worry about it. And it's hard for a judge, smart as they may be and well-read as they may be in cases like this, to be able to catch all that and follow all that.
Like these judges, they're working all different types of cases.
I mean some of the shit you're showing us today that people are going to look at on the screen where it's like code lines.
I mean that might as well be fucking Chinese to me.
For sure.
I have no idea what that means i mean you know so it's it's it's a it's a fair point that
you have a problem and you also have the issue that nso is not an american organization yeah
right so you're talking about what you're talking about meta you're talking about apple these are
american organizations you know they're more in tune with the laws here yeah that's and they're
more powerful here and this is what you bring up a good point.
Unless NSO is spying on all the judges, which case –
Yeah.
Meta's fucked.
Yeah.
You guys are done.
We know exactly.
All right.
Yeah.
So you bring up a good point.
They're an Israeli company.
What's funny is in this Rwandan case in Rusesse McGuinness' daughter,
she sued the Rwandan government and Paul Kagame for $400 million.
It's no joke.
She sued for $400 million for kidnapping her father.
It was dismissed.
In what court? It was in D.C.
Oh, so she did it in the U.S.
Yeah, she did it in the U.S. Yeah, she did it in – this same –
$400 million seems a little excessive.
It's too much.
And they were like, actually, you know what?
We have a rule that you can't actually sue a president of another country.
Really?
Yeah, so that's what they came back with.
It was a federal district court judge that was like, yeah, you can't do this.
Why would you waste your money
and time and this that law firm uh cohen mills law firm also lost a lawsuit for suing donald trump
for stuff is just they had this record of like random lawsuits that like there's a lot of places
like that yeah then but they like give me big
money right yeah they get what you get one of those you get one to stick oh baby and they're
like i bet you we can get that 400 who's gonna give you 400 million what's the gdp of rwanda
tell me i'm gonna guess it's not that high you know what i'm saying and i'm just like what what
do you think that you're gonna do like like and that was just wild to me and in the lawsuit she says not only was i spied on
my father was spied on too with pegasus and just like i just threw up my hands at that point i'm
like yeah we don't even she like he was in prison how was he spied on with pegasus and
and it's just their most random stuff, man.
But you just put whatever you want in the complaint.
It doesn't matter.
They just – it's the complaint.
This report though that you did on – this was the one you co-authored?
Yeah, I co-authored.
So you're looking at it from the communique vis-a-vis Pegasus and everything. But everyone always talks about WhatsApp with its complete privacy violations and issues.
Oh, man.
Whereas, like, that's why people want to use Signal and stuff, which the running joke is
if you want to get a direct line to the NSA, use Signal.
Right.
Which I don't know.
I mean, maybe that's true.
Maybe it's not.
Yeah.
But what is it?
What's the problem with WhatsApp's infrastructure?
Yeah.
What are the issues there?
I think the biggest issue is in this case, there was like the WhatsApp.
I think what we talked about or that was mentioned in a video that we were watching that said there's this list of 50,000 people that were targeted with Pegasus and it came from this French organization.
Well, there's another tiny list of like 1,200 people that were spied on with Pegasus via WhatsApp.
Where did that come from?
No one knows.
No one knows.
But for some reason, somehow, Meta and the Citizen Lab are the only ones that know in the world,
and they're the only ones that contacted all of these people
to let them know that they were spied on.
And again, end-to-end encryption, super safe,
but we're going to contact you when you're spied on.
Sorry.
Good luck.
That's weird.
Why are you spying on me and telling me that I'm spied on?
Same with Apple.
Why are you spying on me and telling me I'm'm spying on? Same with Apple. Why are you spying on me and telling me I'm spying on?
It doesn't make any sense, right?
All of this is, and people are going to argue,
well, there's other things that they can monitor that,
what are you monitoring in an end-to-end encryption?
Because these people are saying, now this is the point.
These people that were infected with WhatsApp
were delivered a link that they had to click on.
If you're end-to-end encrypted, how is WhatsApp alerting you that the link that you just received is Pegasus?
Why are they looking at the links inside of your messages?
No, it's end-to-end encrypted.
So what kind of backdoor do they have one of the things that i exploited when i first started all of um when i
first sold software to blanco technology group and one of the things that i noticed um and i i did a
cyber security conference on this was specific sim cards enable back doors into your cell phone. And I showed this live in this cybersecurity conference. So I put in a
Verizon SIM card into a Samsung phone. And I showed that when you change the SIM card, it opens up
more access. And the Verizon always has the most access than at&t or sprint or or t-mobile or even
other you know foreign sim cards and once i popped in that verizon sim card i was able to gain this
you know the the coveted access the android coveted access we were talking about earlier
i was able to gain that all because i switched the SIM card. And because a SIM card has code on it, right? It has an operating system and people may
not know it, but it has a full, it's got, it runs off of Java and there's code in it. And that code
directly communicates with the operating system and it opens up these back doors.
There's so much involved with this, right? Because
the carriers are collecting so much data on us and if we actually look at what kind of information
they're collecting, I don't think people would be uh agreeing to it all except
we are forced to agree to it in our policies you know the user policies think about this
when you get a new iphone you are forced to agree to the policies in order to set up your phone
that's right if you can't if you don't even if every
time you get an ios update too and there's no cancel button right you there's like no i don't
agree there's it's just agree no one's ever read it either yeah and probably read it yeah i've read
it i've read it i've read it i've read it and i've written about it yeah and what i found and one of the things that that is very um
i was able i'm able to extract over 10 000 data points from your iphone over 10 000 that's a lot
and i'm sure even with newer operating systems and newer hardware, there's a lot more.
But there's so much data that's going out, and it's amazing the compression that they have.
His engineering is amazing.
But we are agreeing to the policies that are essentially collecting all of this data on us.
That's right.
And we are doing this to ourselves and we're not recognizing that these companies like google and apple are collecting all this because maybe we don't care but one thing that people may not know is that if you've ever
been to takeout.google.com nope that is a cool way to actually see how much information Google is collecting on you.
Takeout.google.com?
Yeah, takeout.google.com.
And when you go there, you're going to see, you're going to have options that are going to prompt you,
hey, do you want to download 60 gigabytes of the data that we collect on you?
Or do you want to download like 2 gigabytes?
Oh,
it gets deep. To the extent that if you have a Nest camera system, it'll send you the screenshots from your Nest camera system that it's collected on you. Oh, yeah. And sometimes if you opt for all 60 or 80 gigs,
it says it's going to take us 72 hours
to give you all 60 or 80 gigabytes of your data
that we've collected on you.
Do we have this, Alessi?
I'm trying right now. I'm looking.
So this is what I looked up,
and then I put it in the switch engine.
Take out one word.
Yeah, the first should be the first link.
So I put that whole thing in here,.com,
and nothing came up. It should be the first link after you should get out no no um
allow go back go back out is it that uh no go back go back okay it should be the first
what does it say take out does it say take yeah sign it yeah sign yeah sign in yeah the very top
yeah yeah click that okay so you're going to see options here.
Oops.
You can close all that out.
It's fine.
So I'll make sure myself is not getting shot.
Oh, for sure, for sure.
Yeah.
It should be private and it'll take.
Just do a guest.
Okay.
That way.
Yeah, so and then Apple has the same thing.
Which you'll find, so if you go to
privacy.apple.com, you can request your data
and then they say
you know. But they're the privacy company.
They love you. They love your privacy.
Yeah, so they
say they'll only
we can only export like 16
gigs
because we're not going to give you the rest.
It's weird.
Right.
They're like the dwarf among midgets with it.
They're like, we're the best.
You might be.
You still suck.
Yeah, absolutely.
You still suck.
You can reach the second counter there, but you know.
Exactly.
What do we got, Alyssa?
So I skipped that.
So essentially is it just showing me that i can
get all this information oh yeah and it should tell you like the s so you see like file size
to two gigs like zip file or tgz file it's it's like a compressed file okay yeah and if you go
to the gigabytes like go down yeah it can go up to what 50 there you go yeah 50 sorry yeah if i got more than 50 oh yeah
right you definitely oh it's 50 in a day i gotta let it took him it took him like 72 hours to dump
my last one i generally do like once a month yeah i do it once a month yeah absolutely i want to
know what they're doing you know and uh do it's it's so much information. You'd be surprised, like, oh, I didn't know I went there.
Oh, wait.
Yeah, I did go there.
What about, like, VPNs and stuff, though?
Does it pick up everything you still do?
It picks up everything.
It even gives you your map of everywhere you've been.
Well, the VPNs aren't a waste for other things, but, like, Google having it internally.
If you go through their platform, you get it.
That's why like if you want to do something, you got to do it through Safari, DuckDuckGo on a VPN.
Yeah, absolutely.
Look, even with Apple, it's so weird.
I was like, how did you get that account?
Like I haven't seen that account since like 2007.
And it's like, yeah we all these accounts are
associated to your icloud account and i was like i haven't seen that email address and it's like
2007 like what and you're looking at it like wow you're not even giving me everything i think i
don't know when this is going to happen but i think we're rapidly approaching the point and this is this actually might be an okay thing in the midst of all this shit where everyone knows there's so much data
on them that can be taken out of context of like i mean think about the people i've had in this
podcast studio yeah that's when i turn like when people leave here that's when i turn on my vpn
and go to duck duck go which hopefully they can't see that but they probably still can and type in some dark shit based on what people say right and it sends
you down rabbit holes yeah and like if you took any of those out of context you'd be like oh my
god on may 8th 2023 he searched for this i mean it could be yeah right it could it could go it
could go crazy and so i i wonder if we're going to be at a point where no one cares anymore.
People are like, we all look at crazy shit.
We all look at stuff that is like socially unacceptable because on the phone, we can be whatever we want.
Yeah.
No, you make a really good point.
Like what's the end goal of all this data?
Yeah, you're selling it.
But who's creating the actual profile of all this data yeah you're selling it but who's who's creating the
pro who's creating the actual profile of me that's right right like and yeah are you targeting me
with ads maybe am i buying into it of course i bought that hat of course i bought like you keep
feeding me that that same thing over and over i think that one of the statistics was if you show
the same ad like 22 times, I mean,
you're something along those lines that you're, you know, more likely to, it's like, oh, yeah.
Oh, it's true, man. Yeah. And there, and we were just talking about this earlier, like,
so there's a site that we looked at that, you know, you can actually opt out of all of these
data collections, you know, column, yeah, companies,
it's in your browser.
Like just deleting your cookies is not enough.
They're still tracking you, and you have to opt out.
So there's a site that we looked at, and we, you know, yeah, it's a real thing.
And a lot of the malware a lot of the the um viruses
common viruses mainly malware these days right uh is sent through through adware right so all
these pop-ups that come up on your on your um pc or not not so much on max right but pcs um are
notorious for pop-up windows, pop-up windows.
And one of the best things that I could say is get an ad blocker.
AdGuard is one of the best ad blockers
because it'll prevent all of these ads
from just taking over your bandwidth,
injecting malicious files.
VPNs are fine for, say you're at a Starbucks, someone's sniffing you,
you don't want, yeah.
But AdGuard is one of the best things that I can recommend. This is generally how malware is um uh sent on uh you know pcs um androids even unfortunately
have this issue like pop-ups on the android you know here's your ransomware even i've seen it on
the on the androids as well it's a whole uh whole can of worms there absolutely well listen dude we
just had a way longer day than expected too because there was a ton of details here.
You did a great job.
This really got going.
Hey, this is great.
Thanks for the platform, the opportunity, man.
This is huge.
Shout out to your cousin Joe for putting this together, by the way.
Joseph, Joe Cat, thank you.
But, yeah, so people can get you on your Twitter.
You also have a YouTube channel.
I'll link that in the description below.
But there's a ton of questions I have like in general about hacking and stuff that we didn't get to.
So we'll have to do that at some point in the future.
But I appreciate you, brother.
Yeah, man.
Good stuff.
All right.
Thanks.
Everybody else, you know what it is.
Give it a thought.
Get back.
Thank you guys for watching the episode.
Before you leave, please be sure to hit that subscribe button and smash that like button on the video.
It's a huge help. And also, if you're over on Instagram, be sure to follow the show at
Julian Dory podcast or also on my personal page at Julian D. Dory. Both links are in the description
below. Finally, if you'd like to catch up on our latest episodes, use the Julian Dory podcast
playlist link in the description below. Thank you.