It's the primary source and much more detailed, so I think it would be.
I'm curious about the company that seems to have built the frameworks, and they didn't seem to speculate or include much information about who they are and if they are a legitimate company or some sort of shell.
"Google’s TAG researchers pointed to Heliconia as an example of the proliferation of commercial surveillance tools and how dangerous they can be for many groups of potential targets."
This is really a fucking hoot, coming from the worlds biggest commercial surveillance company 8-/
Google is a "commerical surveillance company" in a very different sense than what is being described here.
While criticism of Google is warranted in many circumstances, this seems like one where Google is actually in the right, making your comment in this context off topic and a distraction.
I am a fan of pushing people to use services that respect their privacy (aka not google), but that only helps if the underlying infrastructure is secure. If we have malware vendors operating root CAs, that is a significant problem that deserves to be discussed without devolving into generic google bashing.
Edit: There is no proof that a malware vendor was operating TrustCor CA, but there sure was a lot of smoke...
Sorry I missed the window for a timely reply. Yes, these are valid
serious concerns. You're right that unfocused, random denouncements
add very little. It's hard to know what to focus on these days as so
much of tech has gone to the dogs. Outrage, even at most egregious
acts has lost its edge. Naked criminality is being normalised. This
cannot be good. Thus I find I've more sympathy for (or rather, less
will to criticise) those who pour nebulous scorn and mistrust around.
They have "a point" even if they are unable to make one.
https://blog.google/threat-analysis-group/new-details-on-com...