Jonathan Scott, a cyber security researcher is no stranger to controversy. In January, the American phone tech expert went public with details that China was using an App developed for the Olympics, to spy on the athletes instead.
In a new shocker, Scott has caused a stir on social media with an unprecedented attack on Amnesty International and University of Toronto’s Citizen Lab. The two bodies published research in May that claimed family of jailed Paul Rusesabagina and many others had their phones infected with Israeli spyware initiated from Rwanda.
In particular, the biggest newsmaker from the Rusesabagina family is his adopted daughter Carine Kanimba. Amnesty International and Citizen Lab found that her iPhone was being monitored. She would go on to give evidence to a US Congressional committee.
Barely a few months later, one tech researcher believes nothing of the sort ever happened to Kanimba’s phone. The allegations are so surprising that Scott has been denounced on social media, a feat he says he is determined to continue undeterred.
It all began late July.
Scott, then a PhD researcher at Northcentral University in US state of Arizona, released a 60-page report “Uncovering Citizen Lab. Debunking CatalanGate”, in which he accuses the Canadian technology and human rights laboratory Citizen Lab of having acted with a complete lack of scientific rigour in the report it published on 18 April on spying on Spanish Catalan pro-independence supporters.
Scott accused the Canadian lab of putting the interests of pro-independence supporters before scientific verification.
Scott wrote that “the CatalanGate report has been presented to the world as the scientific discovery of a global threat. In the same way that medical reports require proof of claim that can be verified by professionals, the same applies to allegations of spyware infection. It is clear that the pressure to publicise CatalanGate has neglected its scientific verification and validation. There is no evidence for more than 55% of the allegedly attacked or infected Catalans”.
“When a crime is reported, the investigator always asks “When did this happen?” and if the answer is: “I don’t know, they told me it happened”, how can the victim act correctly? There are people who were told they were infected with spyware and who live every day believing they have been raped when in fact this is not the case. It is time for people to know the truth,” writes Scott in the conclusions of his report.
Throughout his study, Scott denounces the collusion between pro-independence leaders and the heads of Citizen Lab to create a CatalanGate that included the largest number of alleged spied on individuals. He also highlights the fact that infections are attributed to domains that were not operational at 86% of the times when the attacks supposedly took place, and suggests that some of the 67 cases included in Citizen Lab’s CatalanGate may be false positives or even have been created on purpose to increase the number of victims.
“Deunking CatalanGate” includes a review of Citizen Lab’s information on the alleged victims of espionage with the Pegasus and Candiru programmes, highlighting that half of the cases acknowledge that they do not know when they were attacked and, overall, concludes that the Canadian laboratory does not base its claims of espionage on reliable and verifiable data. More than two months ago, Scott asked the directors of Citizen Lab to provide him with the forensic analyses on the basis of which they had reached the conclusions of its CatalanGate. He has received no reply.
It is these so called “false positives” that Scott now says he has also discovered with the case of the Rusesabagina family phone spying scandal.
Last week, Scott opened a veil on the alleged phone hacking of Rusesabagina’s daughter Kanimba.
Scott writes in his report, ‘NSO through the Veil’, that Amnesty International and Citizen Lab fabricated a claim that Kanimba’s phone was infected with NSO spyware originating from Rwanda. Scott says the scheme was “an international defamation campaign”.
Amnesty International and Citizen Lab, alleges Scott, created a “self-infection” MVT-Tool, which they deceptively fronted as Pegasus spyware.
“I conducted intensive independent research into the MVT-Tool, the code methods, and engaged participants from around the world to help gather data for my hypothesis that the MVT-Tool will deliver a false positive result by sending a message to yourself with a “malicious” website the software had already flagged,” writes Scott.
“The results were as expected, and all able participants in the study had successfully “infected” themselves.”
Scott claims Kanimba’s case, like that of many others in the Amnesty International/Citizen Lab report, were false positives.
Here is how Scott describes his findings:
“After Carine Kanimba’s “forensic” report was released to the public, a tweet was released by ZecOps confirming what I have just written. They confirm that diagnosticd is NOT a Pegasus process, and is part of the default iOS process in the mobile device.”
“ZecOps initiated communication with Amnesty Tech, and claimed Amnesty had corrected the false positive result in their forensic methodology report. This is false.”
“Amnesty did not correct this in their forensic methodology report and along side Citizen Lab, knowingly submitted false data to the United States House Intelligence Committee July 27th, 2022. As I have previously linked and mentioned, this false forensics report is published on house.gov”
“Carine Kanimba’s mobile device was never rescanned after it came to light that her report contained false positive results. Citizen Lab and Amnesty International continued their campaign against NSO Group, and presented this exact false report to the European Parliament, August, 2022.”
In conclusion, Scott writes:
“There is a veil that has been placed over everyone around the world, this veil is hiding the truth about Pegasus and NSO Group. This veil is starting to be lifted, but questions must continue to be raised about the validity of the claims organizations such as Citizen Lab and Amnesty International are making. Lives are being destroyed because these organizations are filling people with fear and telling them they are victims without providing any evidence to them, or the general public.”
Scott’s latest controversial work comes after that on China.
At the time, he revealed that the My2022 mobile app — the official app of the Beijing Winter Olympics in February— had serious security vulnerabilities and that “all Olympian audio is being collected, analyzed and saved on Chinese servers.”
Some of Scott’s colleagues in the international cyber security space were very critical of his report. They said Chine doesn’t need user data to have to “leak” from the app; it can simply be gathered directly from the servers and other infrastructure under the government’s control.
As a result of his work, Northcentral University dismissed Scott from its PhD program, a development he says is collision within the tech community to silence him. He has vowed never to stay quiet as scientific progress is being undermined with impunity by Amnesty International and Citizen Lab, or any other entity.
Scott announced on Tuesday that he had been admitted to another university, which he promised to reveal later. He said his work to uncover more fraudulent tech schemes would continue.
Meanwhile, Rusesabagina’s daughter Kanimba has not yet commented on Scott’s moves. It has been left to regular online critics of the Rwandan government to question Scott’s motives.
Colleagues who know Scott have said he was engaged in such high profile tech revelatory campaigns for purposes of gaining international clout, which he hopes to use in the future for financial gain by for example writing a book.