WikiLeaks Reveals CIA's Secret Hacking Tools and Spy Operations (betanews.com)
Mark Wilson, writing for BetaNews: WikiLeaks has unleashed a treasure trove of data to the internet, exposing information about the CIA's arsenal of hacking tools. Code-named Vault 7, the first data is due to be released in serialized form, starting off with "Year Zero" as part one. A cache of over 8,500 documents and files has been made available via BitTorrent in an encrypted archive. The plan had been to release the password at 9:00am ET today, but when a scheduled online press conference and stream came "under attack" prior to this, the password was released early. Included in the "extraordinary" release are details of the zero day weapons used by the CIA to exploit iPhones, Android phones, Windows, and even Samsung TVs to listen in on people. Routers, Linux, macOS -- nothing is safe. WikiLeaks explains how the "CIA's hacking division" -- or the Center for Cyber Intelligence (CCI) as it is officially known -- has produced thousands of weaponized pieces of malware, Trojans, viruses and other tools. It's a leak that's essentially Snowden 2.0. In a statement, WikiLeaks said CIA has tools to bypass the encryption mechanisms imposed by popular instant messenger apps Signal, Confide, WhatsApp (used by more than a billion people), and Telegram.
No need for zero-day exploits when Donnie's using a four-year-old Samsung that's probably got more holes than Jeff Sessions' Congress testimony.
https://wikileaks.org/ciav7p1/...
Reading list
A list of websites I like to check out to stay up to date and get new ideas:
General
http://reddit.com/r/netsec along with all the other good subreddits (RE, forensics)
http://thehackernews.com/
http://slashdot.org
Forensics
http://swiftforensics.com/
Ha, ha, hello CIA friends, I hope you've enjoyed all my ENTIRELY SATIRICAL posts over the years that may have appeared to the slow of wit to be critical of the government and the Agency, but were in fact entirely in jest. I'm sure you had a good chuckle all the times I COMPLETELY IRONICALLY referred to you as lying liars who lie about your lies to bring us into war under false pretenses...over and over again.
Anywho, keep up the good work, friends!
We don't have a state-run media we have a media-run state.
The NSA records every phone call, every email, every SMS and most web access, especially foreign people. Obama did not have to order a special wire tapp (Trump's spelling), it is done routinely. Trump may have shot himself in the foot by making surveillance an issue. Everybody does not like being under surveillance so I will throw the canned response back at this administration, "If you have nothing to hide, why complain about surveillance?"
I expect privacy and anonymity, but I know I do not have right.
*3 Billion devices run JAVA* because everyone's motherboard is running it.
32c3 Intel CPU backdoor live hack demonstration, keystrokes logged and sent over wire, wireshark can't detect packet because the Intel backdoor runs above the OS:
Towards (reasonably) trustworthy x86 laptops
REcon 2014 - Intel Management Engine Secrets
Tools to remove Intel backdoor firmware (The backdoor firmware sits outside the BIOS, you need to physically clip onto a 8pin chip on motherboards to download/neutralize/flash the rom, nothing else can touch it):
https://github.com/corna/me_cleaner.
Neutralize your Intel backdoor:
Neutralize ME firmware on SandyBridge and IvyBridge platforms
First introduced in Intel's 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH (for Core i3/i5/i7 which is integrated with northbridge).
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can't be ignored.
https://hackaday.com/tag/intel-management-engine/
Five or so years ago, Intel rolled out something horrible. Intel's Management Engine (ME) is a completely separate computing environment running on Intel chipsets that has access to everything. The ME has network access, access to the host operating system, memory, and cryptography engine. The ME can be used remotely even if the PC is powered off. If that sounds scary, it gets even worse: no one knows what the ME is doing, and we can't even look at the code. When -- not 'if' -- the ME is finally cracked open, every computer running on a recent Intel chip will have a huge security and privacy issue. Intel's Management Engine is the single most dangerous piece of computer hardware ever created.
Intel Active Management Technology
Almost all AMT features are available even if the PC is in a powered-off state but with its power cord attached, if the operating system has crashed, if the software agent is missing, or if hardware (such as a hard drive or memory) has failed.[1][2] The console-redirection feature (SOL), agent presence checking, and network traffic filters are available after the PC is powered up.[1][2]
The Management Engine (ME) is an isolated and protected co
Can I be the first to say:
In CIA America, TV watches YOU!
I feel like I may already be too late though.
Market forces are exactly what you want in play when you're lying on a gurney in the emergency room; that way people won't be saved for a penny less than they or their families value their lives.
The question isn't about the spy capabilities. It's about whether these tools are used without logging and review by elected officials from the Congressional security committees.
If they can be, then they will be by this or that faction spying not on the bad guys but their own political opponents. This is the reason for the 4th Amendment, to stop the king from filching through opponents' papers at will looking for stuff to tag them with.
They should have an automated and non-disablable logging system that stuffs things into some MD5 file that is copied offsite to multiple places, to prevent editing of it. I'm pretty sure they have little more than a piece of paper with a checkbox "You did bother to get a warrant. Or at least a national security letter, right?" before all activity is not logged anyway.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Ever heard of the phrase "An angry man is an enemy, and a satisfied man is an ally"?
Ya. Worst pick-up line - ever.
It must have been something you assimilated. . . .
To be fair: If James Clapper says they didn't, then they did. Not with the white house's knowledge, mind, but that guy's credibility is right down there with POTUS45 himself.
This leaves us with a time-destroying paradox: Clapper says they didn't, but Trump says that they did. Therefore they absolutely did so, and absolutely cannot have done so. Both possibilities both did and could not have occurred, and our primitive technology does not yet allow us to see the havoc we have wreaked upon our poor continuum.
Trump said Sweden was crime ridden due to immigrants. Next day Sweden then had a riot, Radio24syv investigates it, finds Russian TV station NTV paid youths to burn a car. Trump supporters cited the riot as proof Trump was right and Swedish media was wrong.
This is misinformation at its worst.
The riots in Rinkeby were sparked by a police arrest.
Are people really modding up this feces, this worst kind of fake news?
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
Tools to remove Intel backdoor firmware (You need to physically clip onto a 8pins chip on motherboards to download/neutralize/flash the rom, nothing else can touch it)
Not actually true. You can politely ask the ME to overwrite itself with the FPT.exe or FPTw.exe (dos/windows version). There is also a uEFI and Linux version available, but they're much harder to source.
The SPI ROM of the system contains 4 regions (normally):
* BIOS (just what it says)
* ME (the manageability engine, required to have a min set of features present to boot newer platforms)
* GbE (your MAC address and the magic numbers for configuring the PHY/MAC are here)
* OEM (Things like OEM product keys, service tags, etc.)
Now, that min sku that is required to boot the platform in the ME region contains:
CPU uCode patch
Power config profiles
(I really don't remember what else, but it is quite benign)
What the min sku doesn't contain:
AMT (advanced management technology: The remote power on/off setting sleep states etc.)
SOL/IDER (Serial Over LAN / IDE Redirection: essentially the ability to load a local (to you) HDD image to the remote machine and boot to it over lan, rather than the remote machine's local HDD)
KVM (just what you would think)
So, in a nutshell, if you're afraid of the big bad ME, then buy min sku'd parts. Avoid Q series (as those have everything enabled).
The ARC processor is gone BTW, replaced with Tiny IA. Licencing on the ARC and the fact that Intel was shipping an ARM CPU with every board... yeah, not popular internally. The signed Java operations is dead. AFAIK it never shipped live, though there was a hell of a push for it. Customers (Dell, HP, Lenovo) liked it but didn't want to deal with what was involved and most importantly wanted it for free...
Out of band ethernet for ME was killed off in the transition from ARC to TinyIA.
And finally, it's not all horrible:
This feature was designed for corporate users, basically putting a RILO card embedded into every corp desktop. From that perspective it's actually a really cool feature. Now, that it was so tightly integrated was Intel's way of making sure the OEMs bought it. Security was taken *VERY* seriously about this entire environment. Intel knows that if this was breached in a big bad way it would be devastating for its customers, and thus for it as well.
Any other questions?
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
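The SPI region layout described in the comment above is recorded in the Intel flash descriptor at the start of the flash image. As an added example (not part of the comment and not code from Intel or me_cleaner), this Python code lists the regions in a firmware dump so you can check whether an ME region is present and how large it is. The sample image is constructed, and "OEM" is assumed to be what Intel calls the Platform Data region.

```python
import struct

FD_SIGNATURE = 0x0FF0A55A  # magic value marking an Intel flash descriptor
# Order of the FLREG table. Index 4 is Intel's "Platform Data" region,
# assumed here to be what the comment calls "OEM".
REGION_NAMES = ["Descriptor", "BIOS", "ME", "GbE", "Platform Data (OEM)"]

def u32(buf, off):
    return struct.unpack_from("<I", buf, off)[0]

def parse_regions(image):
    """Return {name: (start, end_exclusive)} for each region in use."""
    # Signature is at 0x10 on most platforms, at 0x0 on the oldest ones.
    sig_off = next((o for o in (0x10, 0x00)
                    if len(image) >= o + 8 and u32(image, o) == FD_SIGNATURE), None)
    if sig_off is None:
        raise ValueError("no Intel flash descriptor found")
    frba = ((u32(image, sig_off + 4) >> 16) & 0xFF) << 4  # FLMAP0 -> table base
    if frba + 4 * len(REGION_NAMES) > len(image):
        raise ValueError("region table lies outside the image")
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        flreg = u32(image, frba + 4 * i)
        base = (flreg & 0x7FFF) << 12
        limit = (((flreg >> 16) & 0x7FFF) << 12) | 0xFFF
        if base <= limit:  # base above limit marks an unused region
            regions[name] = (base, limit + 1)
    return regions

def build_sample():
    """Constructed 4 KiB descriptor for an 8 MiB chip (not a real dump)."""
    def flreg(start, end):  # end exclusive, both 4 KiB aligned
        return (start >> 12) | (((end - 1) >> 12) << 16)
    img = bytearray(b"\xff" * 0x1000)
    struct.pack_into("<II", img, 0x10, FD_SIGNATURE, 0x04 << 16)  # FRBA = 0x40
    table = [flreg(0x0, 0x1000), flreg(0x500000, 0x800000),
             flreg(0x3000, 0x500000), flreg(0x1000, 0x3000),
             0x00007FFF]  # base > limit: Platform Data unused
    struct.pack_into("<5I", img, 0x40, *table)
    return bytes(img)

if __name__ == "__main__":
    for name, (start, end) in parse_regions(build_sample()).items():
        print(f"{name:20} 0x{start:08x}-0x{end - 1:08x} {(end - start) // 1024:6d} KiB")
```

On a real dump, pass the file's bytes to `parse_regions`; the size of the ME region is a quick indicator of how much ME firmware a board carries.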
Mod me flamebait if you will, but that's how Trump got to "I was wiretapped!" Via a conspiracy theory from a right wing radio host that Breitbarts picked up and Fox ran with. We have a man at the top of one of the most powerful espionage machines the world has ever known, and he gets "intel" from right wing commentators. Can't you see this for what it is, a massive vulnerability at the very top of the US Government? A foreign power could game the system by selectively feeding the likes of Levin and Breitbart stories of this kind, and because Trump clearly has no trust of his own departments, and spends far too much time watching television, he would be supremely vulnerable to such manipulation.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Clapper isn't trustworthy, but then again, neither is Trump, who clearly just picked up on a bunch of garbage coming from Levin and Breitbarts, more conspiracy theory nonsense, and running with it. It's pretty clear that no one else in the White House even saw this coming, which is why they really had no way of countering it other than "The President has ways of knowing things!" Considering we can trace the wiretap claim right back to Levin, who was exaggerating the already well known fact that Russian communications were being monitored during and after the election (because concocting anti-Obama conspiracy theories is what right wing radio shock jocks have been doing for eight fucking long years), so we know Trump didn't likely get any of this information from the FBI or any other government intelligence services.
And now we see as Trump's mouthpieces basically dilute the entire wiretap claim to the point where it was "something", that they're trying to make the entire "wiretapping of Trump Tower" conspiracy theory go away, because what Trump really did was empower and invite Congressional oversight to begin looking even closer at the nonsense going on between Trump's proxies and the Russians during and after the election.
The world's burning. Moped Jesus spotted on I50. Details at 11.
On the March 6, 2017 Tucker Carlson show, Congressman Jim Hines admitted Congress (and his committee) is not conducting any meaningful oversight of the spy agencies.