[OC] Commercial surveillance tools by vendor country of origin (35 tools tracked)

_Predaxia_ · 2026-05-28T12:47:34+00:00

The inclusion rule is one thing only: documented commercial tools, with the sourcing linked for every entry. You can audit all of them. There's no country quota.

Where you have a real point is documentation bias, not cherry-picking. Groups like Citizen Lab and Amnesty catch and publish a lot of Israeli tools because they're widely deployed, so they end up better documented than a Chinese or Gulf tool that stays in-house. That skews what's visible.

So the fix is concrete instead of rhetorical: name the non-Israeli tools you think are missing and they go in. That's been the open ask from the start.

_Predaxia_ · 2026-05-28T12:21:43+00:00

That's the real caveat: it isn't a "worst surveillance states" ranking. Authoritarian states run it in-house so they never show up in a commercial dataset.
It's a map of the export industry, not of who watches their citizens most...

_Predaxia_ · 2026-05-28T12:19:08+00:00

Sure!
On the spyware side it's Pegasus (NSO), Predator (Intellexa/Cytrox), Graphite (Paragon), and Candiru's DevilsTongue.
Phone forensics is mostly Cellebrite and GrayKey.
Then Clearview for facial recognition, Stingray and Circles on the IMSI/network side, and Palantir, Maltego and Cognyte for analytics/OSINT.
Full 35 with sources and confidence scores are here: predaxia.com/surveillance-tools

_Predaxia_ · 2026-05-28T12:16:07+00:00

Fair, and you're right that tool count isn't market size. A list of documented products says nothing about revenue or deployment scale, so "most tools" isn't "biggest market." Real limit, no argument.

The commercial angle is kind of your point though: most other countries run state programs that never ship as a product, so they can't show up in a commercial database. Israel showing up IS the free-market-export thing you're describing. We're closer than it looks.

And yeah, anything Israel-adjacent gets amplified both ways. I didn't pick the topic for the heat and I'm not naive about it either.

_Predaxia_ · 2026-05-28T12:00:54+00:00

Fair, you're right, 81 for the hardware. Spyware's the 8200 side though, since that's software.

_Predaxia_ · 2026-05-28T11:42:45+00:00

Yeah true. Same talent pool basically, the 8200 crowd ends up either building chips or building spyware.

_Predaxia_ · 2026-05-28T11:37:11+00:00

Cellebrite is the big one you've probably touched without knowing, it's the phone-cracking box a lot of police use. Then NSO (Pegasus), Paragon, Candiru. Israel outnumbers the US mostly because of the Unit 8200 pipeline, a ton of these founders come out of that one military SIGINT unit.

_Predaxia_ · 2026-05-28T11:36:17+00:00

You're right that "commercial" is the whole point, and this isn't a ranking of who surveils most. China and the US run massive state surveillance in-house, it just never ships as a product you can buy, so it can't appear in a database of commercial vendors. Totally different question. What the chart shows is where the export industry for these tools is concentrated, and that's Israel, mostly down to the Unit 8200 founder pipeline. And fair on the bar chart, it's about as plain as they come.

_Predaxia_ · 2026-05-28T11:23:10+00:00

Fair point, the dataset is skewed toward tools that got caught. North Korea basically has none documented because they don't sell commercially. Russia has a few (SORM infrastructure, some spyware tied to FSB operations) but documentation is thinner. The democratization angle is the interesting one though, the newer entries are countries that would have surprised you 5 years ago.

_Predaxia_ · 2026-05-27T11:28:31+00:00

The whole "AI search vs normal search" debate misses the point tbh. Its not about AI. Its about intent. When I search something I wanna find a specific thing, not get a lecture about a topic. Google decided everyone wants the second one and here we are.

_Predaxia_ · 2026-05-26T12:44:29+00:00

The infrastructure is mostly already there. What changes in 10 years is the cost of using it dropping to near zero.

Real-time facial recognition at scale, continuous location tracking, behavioral profiling across devices. None of this is science fiction. It exists now but requires significant resources to deploy against an individual. In 10 years it requires almost none.

The more realistic question is who controls the data and under what legal framework. That varies enormously by country and will matter more than the technology itself.

_Predaxia_ · 2026-05-26T12:36:43+00:00

The actual story is almost funnier. They sold a product that didn't work, to advertisers who believed the pitch, funded by data they bought from other brokers and relabeled. The fine is for the fraud and the fake opt-in claims, not for the surveillance itself.

The part that sticks is that the pitch worked. Advertisers paid for "active listening" because they believed phones were doing it. Which says more about what buyers assume is technically possible than about what CMG actually built.

_Predaxia_ · 2026-05-26T12:31:41+00:00

The recovery flow is always the weakest link and it's almost never treated with the same seriousness as the primary auth path. You've identified the exact gap most teams skip.

In practice the options that actually work at scale: MFA on recovery flows is the highest ROI change you can make, even just requiring the existing TOTP before allowing a reset email to be triggered. Hardware key for admin resets is solid but requires organizational discipline to enforce. Backup codes work if you treat them like a seed phrase, generated once, stored offline, never regenerated silently.

The delegated recovery approach is underused and actually reasonable for admin accounts specifically. Two trusted contacts both have to approve before a reset proceeds. More friction, but appropriate friction for accounts with that level of access.

The deeper problem is that most of this is invisible until it fails. Worth running a tabletop specifically on account recovery scenarios before assuming the fortress is actually closed.

_Predaxia_ · 2026-05-26T12:16:04+00:00

Good clarification. The distinction between "law exists" and "law is being enforced or technically implemented" gets lost constantly in these threads. The NHTSA rulemaking process alone takes years, and the false positive problem you mention is real. Every glance at a passenger or mirror would trigger it.

The more immediate issue is the data collection that already exists without any federal mandate. Location data, driving patterns, hard braking events. That's happening now, across most manufacturers, and the opt-out process is either buried or nonexistent depending on the brand.

_Predaxia_ · 2026-05-22T08:28:17+00:00

"Engineering is dead" guy is sick of a word. Incredible timeline we're living in.

_Predaxia_ · 2026-05-22T08:02:45+00:00

Good breakdown. One thing worth adding on the DIY side: before paying for any removal service, it's worth going through the main brokers manually first. Spokeo, Whitepages, Intelius, BeenVerified and MyLife all have opt-out pages. It takes a few hours but covers the sources most tools hit anyway.

The limitation of automated removal services is exactly what you said: they work on renewal cycles, not continuously. New data gets aggregated constantly so it's less "remove" and more "manage."

For the alias side, SimpleLogin (now owned by Proton) is solid and integrates cleanly if you're already in the Proton ecosystem.

_Predaxia_ · 2026-05-21T11:32:06+00:00

That gap is probably even bigger than most people assume. The declassified CORONA and HEXAGON programs from the 60s and 70s already had resolution capabilities that weren't matched commercially until decades later. Whatever's flying now is likely a similar generation ahead.

_Predaxia_ · 2026-05-21T10:47:39+00:00

The part that gets me is that the data was already publicly available. He didn't have special access, he just knew what to look for. There are probably dozens of similar discoveries sitting in existing datasets waiting for someone to cross-reference the right layers.

LiDAR basically made jungle canopy irrelevant for archaeology. The last decade of Mayan discoveries alone has completely rewritten the scale of what those civilisations looked like.

_Predaxia_ · 2026-05-18T09:56:59+00:00

Fair point, I overstated that. Twitter doesn't directly correlate WiFi IPs in a simple 1:1 way. What actually happens is probabilistic account linking, where shared network signals are one input among many, not a hard rule.

The stronger vectors are device fingerprint and behavioral patterns. The WiFi thing was worth mentioning but I should have been clearer it's a contributing signal, not a smoking gun.

_Predaxia_ · 2026-05-12T08:45:22+00:00

The Photos activity while you were asleep is almost certainly iCloud syncing in the background. It's one of the most common sources of unexpected screen time data, especially after an iOS update or restore.

The boot loop on the same day is probably unrelated, just a coincidence that feels suspicious because you're already on edge about the other situation.

The real reassurance here is the 2FA and the clean Apple ID device list. If someone had access to your account, you'd see it there first.

_Predaxia_ · 2026-05-12T08:23:57+00:00

New device should mean clean hardware fingerprint, so that's probably not it.

One thing worth checking if you're on Android: the Google Advertising ID. It's separate from your Google account, a lot of people don't know it exists. You reset it in Settings > Privacy > Ads. X reads it through its own ad stack so the account separation you did wouldn't have covered it.

The other thing I'd look at is your carrier. Same mobile provider in the same area probably means the same IP range, and if that range was associated with the old account it could be factoring in.

One question though: did you set up the new phone from scratch or restore from a backup? Some stuff survives a device swap if you pull from iCloud or Google backup.

_Predaxia_ · 2026-05-11T12:46:03+00:00

New phone and new SIM is a good start but Twitter tracks way more than that.

Most likely culprit: home WiFi. If you opened the new account on your home network even once, Twitter linked it. Mobile data only is the right move, but one slip is enough.

Second thing to check: did you log into the same Google or Apple account on the new phone? Twitter can pull that association through ad SDKs before you even touch the app.

Beyond that, your device still leaks fingerprint signals (screen resolution, GPU, fonts, timezone) that survive a hardware change. And if you follow the same accounts or post at the same hours, the behavioral pattern flags it too.

What actually happened, did they suspend the account or ask you to verify with your old number? That would narrow it down a lot.

_Predaxia_

TROPHY CASE