Slashdot Mirror

← Back to Stories (view on slashdot.org)

WikiLeaks CIA Files: The 6 Biggest Spying Secrets Revealed By the Release of 'Vault 7' (independent.co.uk)

Posted by BeauHD on from the bigger-isn't-always-better dept.

Earlier today, WikiLeaks unleashed a cache of thousands of files it calls "Year Zero," which is part one of the release associated with "Vault 7." Since there are over 8,000 pages in this release, it will take some time for journalists to comb through the release. The Independent has highlighted six of the "biggest secrets and pieces of information yet to emerge from the huge dump" in their report. 1) The CIA has the ability to break into Android and iPhone handsets, and all kinds of computers. The U.S. intelligence agency has been involved in a concerted effort to write various kinds of malware to spy on just about every piece of electronic equipment that people use. That includes iPhones, Androids and computers running Windows, macOS and Linux.
2) Doing so would make apps like Signal, Telegram and WhatsApp entirely insecure. Encrypted messaging apps are only as secure as the devices they are used on -- if an operating system is compromised, then the messages can be read before they are encrypted and sent to the other user(s).
3) The CIA could use smart TVs to listen in on conversations that happened around them. One of the most eye-catching programs detailed in the documents is "Weeping Angel." That allows intelligence agencies to install special software that allows TVs to be turned into listening devices -- so that even when they appear to be switched off, they're actually on.
4) The agency explored hacking into cars and crashing them, allowing "nearly undetectable assassinations." Many of the documents reference tools that appear to have dangerous and unknown uses. One file, for instance, shows that the CIA was looking into ways of remotely controlling cars and vans by hacking into them.
5) The CIA hid vulnerabilities that could be used by hackers from other countries or governments. Such bugs were found in the biggest consumer electronics in the world, including phones and computers made Apple, Google and Microsoft. But those companies didn't get the chance to fix those exploits because the agency kept them secret in order to keep using them, the documents suggest.
6) More information is coming. The documents have still not been looked through entirely. There are 8,378 pages of files, some of which have already been analyzed but many of which haven't. And that's not to mention the other sets of documents that are coming. The "Year Zero" leaks are just the first in a series of "Vault 7" dumps, Julian Assange said. You can view the Vault 7 Part 1 'Year Zero' release here via WikiLeaks. The Intercept has an in-depth report focusing on how the "CIA Could Turn Smart TVs Into Listening Devices."

9 of 457 comments (clear)

  1. Surprise! by Anonymous Coward · · Score: 2, Informative

    There is no surprise...

  2. Re:Betcha Trump is going to mad at Assange again by Camel+Pilot · · Score: 1, Informative

    Trump love Assange.... and vice a versa.

  3. Re: Not surprise in the least... by Anonymous Coward · · Score: 0, Informative

    Not locking her up is really bad for the concept of Rule of Law.

  4. Re:Is any of this new? by Anonymous Coward · · Score: 2, Informative

    i thought they had a hard time breaking into iPhones before in various forms..? was this a lie ?

    That was the FBI not the CIA. It is apparent (or perhaps they just want us muggles to believe) that these agencies do not cooperate at all.

  5. Linux malware... by dbreeze · · Score: 3, Informative

    https://wikileaks.org/ciav7p1/...

    https://wikileaks.org/ciav7p1/...

    Can someone give us the Cliff Notes on what we need to sudo rm -rf ??? Is it just routers being targeted...?

    --
    When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
    1. Re:Linux malware... by dbreeze · · Score: 4, Informative

      Here's a few excerpts...

      V2.5.1
      11/29/2012
      Modifies all mikrotik, linux, and solaris code so any successful beacon or trigger will also create a /var/.config timer file if it does not already exists. Note that the trigger listening function will automatically self delete the executable if it discovers that the /var/.config file does not exists. If a self delete occurs, the normally empty /var/.config will contain a time stamp when the actual self delete occurred using a yymmddHHMMSS format. Previous versions would allow the
      executable to stay on the box but would stop the process whenever the /var/.config file was removed. Version 2.4's Caution for Solaris shells still applies. A new
      Hive updating script called hiveReset_v1_0.py was added which also resets the self-delete timer for all linux, Mikrotik, and Solaris devices.

      (S) Below is the list of files included in this release, along with their size and MD5 hashes.
      Filename File Size(bytes) MD5 Hash
      CCS.xml 490235 1dd06dd5b74ceb7cab9b599a22f99975
      cutthroat 1095780 caba38dc033c86f5f9daa837dfe4c2fa
      hive670859 216f0da2dca51fb33044e5b525db45a3
      hive-patcher 1368840 dee62bac8aa66f6a309c2bb1c675c3e0
      hiveReset_v1_0.py 60292 d3153e378e24f4bed0ceddfcab599fb8
      honeycomb.py 15500 5ef80df352e52e191556663c0bcc3059
      swindle.cfg 680 3b9185be038c826c39734f1be273b37f
      Unpatched Binaries
      hived-linux-i386-unpatched 165280 a7729c8b0c5f1b0f3bc1888a43be3525
      hived-mikrotik-i386-unpatched 163426 7905ecba0e020fe8883099fb45ff2e50
      hived-mikrotik-mipsbe-unpatched 234944 e74ad934ff90aa2354d3874009563343
      hived-mikrotik-mipsle-unpatched 235307 4f2d7d2e817684a21f2de8315c2d9eb3
      hived-mikrotik-ppc-unpatched 175812 0806e6641cafe014266d30ee1d4b37ef
      hived-solaris-i386-unpatched 174764 3adb8dfaf459948a0eea6a9439396059
      hived-solaris-sparc-unpatched 207720 aa853024ec50b914c3cb3717b36d7e5c

      --
      When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
  6. Re: Not surprise in the least... by s.petry · · Score: 2, Informative

    Apparently, a first grader has a better understanding of "Context" than you do. Frankin's question was specific to Trump surrogates communicating with Russian officials. Here is a working analogy for the genuinely handicapped who can't understand the context.

    Senator Al Frankin: We have reports that people like you were firing guns into a crowd, and that you were near the crowd.
    Jeff Sessions: Senator Frankin, I was there but never fired a gun.

    Buffoons : We have reports that while hunting in the woods a few months ago, Attorney General Sessions did in fact fire a gun. He is a liar! PERJURY!

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  7. Re: Not surprise in the least... by grcumb · · Score: 4, Informative

    ... innocence is not a legal concept.

    Presumption of Innocence is a formal concept in Common Law.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  8. Re: Not surprise in the least... by ShaunC · · Score: 4, Informative

    That is nonsense. The IT guy that wiped her server, after the investigation began, posted on this very site asking for advice on how to destroy the evidence.

    He posted on Reddit, not here, and his inquiry didn't read to me like an attempt to destroy evidence. He was trying to figure out how to redact email addresses from a large corpus of archived messages. This is standard practice during electronic discovery and document production, and isn't a sign of anything nefarious.

    Jeb Bush performed the same scrubs on his email archives, after first releasing them unredacted and causing an uproar because they were full of constituents' personal data.

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!