US Research Paper Invalidates Pegasus Claims

Jonathan Scott, a US computer science researcher in Northcentral University, published recently a white paper which showed that the mobile spyware elements, on which the Citizen Lab based its Pegasus investigation which was later endorsed by Amnesty International (AI), are not reproducible and technically null and void.
The Canadian interdisciplinary laboratory cannot substantiate or corroborate the accusation that multiple nations around the world have been deploying Pegasus spyware and targeting human rights defenders, politicians, journalists and public figures, according to the research paper.
The researcher, who reviewed key findings, mobile forensic methodologies, indicators of compromise and unknown quantitative data, said that published research backing the Citizen Lab represents in fact a conflict of interest as any peer review or independent validation should not be conducted in bad faith by knowingly employing both the researcher and the validator.
Scott made some distinctions that need to be made when referencing malware researchers whom are supposed to be highly trained in the modalities of mobile malware and spyware forensic analysis. In this regard, he pointed out that John Scott-Railton, senior researcher at the Citizen Lab, lacks any endorsement for malware analysis, information security or cyber warfare, and does not have any Common Vulnerabilities and Exposures (CVE) assignments that can substantiate his claims.
Another credited expert at the Citizen Lab is Elies Campo who became a fellow at the laboratory without completing a PhD. Scott drew attention to the fact that this so-called forensics auditor did not abide by research ethics protocols according to which falsification of information to gain entry into the academic institution is considered concocting.
Referring to the Indicators of Compromise (IOCs), a job handled exclusively by trained infosec professionals, Scott said that Citizen Lab frequently identifies IOCs but it has never shared its methodology of acquisition.
On the matter of false positives, he recalled that Citizen Lab uses the Mobile Verification Toolkit (MVT) to detect spyware on a mobile device. The toolkit simply searches for keywords derived from the indicators of compromise published by Citizen Lab and Amnesty International, and can yield false positive results.
To prove his point, Scott conducted an experiment with 9 research participants from 9 different countries. 7 out of the nine subjects yielded false positive results of infection by sending a WhatsApp message to themselves. One of them did not have enough space on his iPhone 6s Plus to complete the iOS backup needed by the MVT-Tool, a fact that raises a lot of questions.
He also quoted Dr. Uraz Yavanoglu, Professor of Computer Science at Gazi University in Turkey, who wrote a similar white paper, warning against Director of Citizen Lab Ron Diebert who is not a computer scientist yet claims to be the principal controlling and monitoring the network traffic within the organization.