I understand that the title makes an assumption that the first paragraph has to walk away from in its last sentence, but I appreciate Schneier’s nuance when framing the question. The spying isn’t new. The list is probably broader than many people assumed, but the real news is that NSO own security isn’t great.
More importantly, if you believe that digital-weapons-for-hire are not a good idea, spreading doubt about their reliability is probably more effective than painting those companies as invincible hackers. They made an architectural choice that exposed their clients. Therefore, if you are a prospect for a similar technology, think hard when they present their tools, and challenge decisions that might expose you.
Better. it s good that they have bad security. they arent in the security business, quite the opposite. It's a company that has found the legal loophole to sell theft-as-a-service. Kind of like banks compared to robbers.
More importantly, if you believe that digital-weapons-for-hire are not a good idea, spreading doubt about their reliability is probably more effective than painting those companies as invincible hackers. They made an architectural choice that exposed their clients. Therefore, if you are a prospect for a similar technology, think hard when they present their tools, and challenge decisions that might expose you.