Slashdot Mirror
Federal Criminal Probe Being Opened Into WikiLeaks' Publication of CIA Documents (cnn.com)
A federal criminal investigation is being opened into WikiLeaks' publication of documents detailing alleged CIA hacking operations, CNN reports citing several U.S. officials. From the report: The officials said the FBI and CIA are coordinating reviews of the matter. The investigation is looking into how the documents came into WikiLeaks' possession and whether they might have been leaked by an employee or contractor. The CIA is also trying to determine if there are other unpublished documents WikiLeaks may have. The documents published so far are largely genuine, officials said, though they are not yet certain if all of them are and whether some of the documents may have been altered. One of the biggest concerns for the federal government is if WikiLeaks publishes critical computer code on how operations are conducted, other hackers could take that code and cause havoc overseas. Security expert Robert Graham, wrote on Tuesday: The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. The CIA didn't defeat Signal/WhatsApp encryption. The CIA has some exploits for Android/iPhone. If they can get on your phone, then, of course they can record audio and screenshots. Technically, this bypasses/defeats encryption -- but such phrases used by Wikileaks are highly misleading, since nothing related to Signal/WhatsApp is happening. [...] This hurts the CIA a lot. Already, one AV researcher has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA, as it matches the description perfectly to something in the leak. We can develop anti-virus and intrusion-detection signatures based on this information that will defeat much of what we read in these documents. This would put a multi-year delay in the CIA's development efforts. Plus, it'll now go on a witch-hunt looking for the leaker, which will erode morale.
Where is the Federal Criminal Probe into illegal spying by our own government?
...but we can't tell you what we're doing with your money.
So, Just like Snowden, let's ignore the purportedly criminal and corrupt activity of the US Government and it's elected thugs - and just kill the messenger. Sweep the body under the run and strong arm anyone with evidence to go away.
Case Closed, mission accomplished, normality achieved.
One of the biggest concerns for the people of the United States is if WikiLeaks publishes critical computer code on how operations are conducted, CIA/FBI hackers could take that code and cause havoc overseas AND/OR at home and blame someone else. False-flag ops are standard I hear.
Maybe they should have thought of that before hoarding vulnerabilities instead of disclosing them. Security by obscurity is equivalent to no security at all. The responsible thing for the CIA to do now is a disclosure of all known vulnerabilities to the parties of those products so they have some chance to patch them before exploits are in the wild. What they will do instead is waste taxpayer money on this investigation and continue to go after WikiLeaks while continuing to hoard vulnerabilities and continue illegal domestic spying.
The people who disapprove of the government's abuse of power are an entirely different set of people than those who take action on behalf of these agencies.
From their perspective, what they are doing is perfectly fine...ordinary people are beneath them and spying on them doesn't actually hurt them anyway (except, of course, in cases were they WANT it to hurt them, which is a positive). It is not like they secretly know they are doing something evil and now feel like a kid caught with his hand in the cookie jar. That is ridiculous. They think that their power-abuses are not abuses at all, and are in fact appropriate and responsible uses of power.
They also think this must all be kept secret, because the masses whine about it and because their tools won't work well if too much is known about them. Just treatment for the masses doesn't enter into these decisions at all.
So they don't feel caught or guilty. They only feel betrayed, and they are out to punish the betrayers and do what they can to prevent such betrayal in the future.
You will never change their views on these issues, by any means. Your moral arguments are just babbling nonsense to them.
Gotta keep cleaning house until all Democrat moles are gone.
CIA activity that security experts thought were associated with the Russians or Chinese until these documents were released? I wonder if this applies to anything else..... (commence the down voting)
Remember when it emerged that the NSA was intercepting Cisco hardware during shipping, installing malware on it and then sending it on to the buyer? I imagine that's how they infect most of the Samsung TVs, not some Mission Impossible dangling from a wire shit.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
The documents published so far are largely genuine, officials said, though they are not yet certain if all of them are and whether some of the documents may have been altered. However, WikiLeaks thus far has a 100% accurate record, so it would be absolutely shocking if even a single document is not authentic. One of the biggest concerns for the federal government is if WikiLeaks publishes critical computer code on how operations are conducted, other hackers could take that code and cause havoc overseas. Of course, the federal government is merely deflecting blame on WikiLeaks, when it appears likely the CIA has already lost control of these tools to the hacking communities and agencies of the world.
Wow, the CIA and FBI only just noticed they might have a problem, after years of leaks from the intelligence community to the press?
I don't know what good a search will do when at this point it seems they are fundamentally riddled with leaks.
The glamorization of Snowden only serves to amplify the situation, I'm sure each of the intelligence agencies has a lot of Snowden's in the making, now that they can see Snowden has not been brutally assassinated as one would have expected before. The agencies have no teeth anymore.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
10 Times today it was repeated on CNN that the CIA "Only spies on foreign citizens, not on US citizens"
I don't believe that for one second. Knowing how little oversight the CIA gets from congress they could dragnet all of American communications and lie to congress and say they weren't doing it. Actually, wait isn't that exactly what the NSA did? Didn't Former NSA director James Clapper lie under oath to congress when he professed the NSA wasn't spying on americans, just a few months before snowden proved that they where? Why should we expect the CIA to do any different, just because their mission statement say's they don't have jurisdiction to spy within american borders?
Nobody's watching this watcher, which is why we shouldn't trust them one iota.
anyone who claims to be an expert, or the press says is one, is probably not... he said "...software bugs are a small part of the problem..." what rock is he under?
nothing to see here - move along
Plus, it'll now go on a witch-hunt looking for the leaker, which will erode morale.
Seriously, was there any morale left to erode?
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
This. Heck, the NSA even had a program where they would infect with malware all the PCs/laptops shipped to an area, just in hopes the target would buy one. I'm sure the CIA could do the same with TVs.
Socialism: a lie told by totalitarians and believed by fools.
If you hire a bunch of honest people who are loyal to their country, and then ask them to do illegal and immoral things, eventually they rat you out (that being the decent thing to do, and all).
If you hire a bunch of crooks who have no qualms about betraying others for your profit, eventually they will betray you for their profit.
If you hire people stupid enough to believe that patriotism is the same thing as unquestioning obedience to government officials, they won't be competent enough to do their jobs.
I realize that government officials absolutely abhor transparency and public accountability...but....the new technological landscape is eliminating some options for secrecy that once allowed corruption to thrive.
The spooks do what they want because it's "important to security" and if they are called on it, they kill the messenger instead of cleaning up their act...
Seems both sides - not the messenger - but the spooks on either side have a similar character makeup and feed on each other to keep this game going.
The neverending story.....
Now we have a public database of exploits that can be sealed. Start hiring Americans again, even if it means going so far as recalling developers over forty, and get these vulnerabilities fixed.
Just and FYI, most of the commercial product hacks are known. There is very little security on IoT devices, including "smart" TVs that it is trivial to compromise one. And I've seen active "hacks" of vehicles in videos, not quite as trivial as IoT devices,
In general, I already suspected much of what was revealed by WikiLeaks, even if I couldn't actually prove it. Most of the IT people I am familiar with, understood the possibility and even the likelihood that the tools existed, and weren't surprised when WikiLeaks said as much.
Most people don't want to know how deep the surveillance state goes. Very few of us are terrified of it.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
So, what you're saying is the the whole "It was the Russians" line given to us by the surveillance state (17 agencies) is ... not true???
Say it ain't so!
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
next they'll come for you and no one will speak out. If its gotten to the point that the GOV is going after people who leak out illegal acts of GOV agencies that broke laws, democracy at that point is just a facade.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
here's a nice tidbit that, to me, nicely illustrates the problem with attribution: "one AV researcher has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA" Bear this in mind the next time someone says "that guy did it"
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
It's not called "The CIA." It's just "CIA."
Kriston
We stood by an election orchestrated by a foreign government, and we didn't stop, yet continued walking forward into Trump's madness. Trump was exactly what this country needed not!
https://www.youtube.com/c/BrendaEM
It's not Central Intelligence Agency, it's the Central Intelligence Agency. Abbreviate it and it's the CIA, not CIA.
Try it and see: "Jimmy was disappeared by CIA" vs "Jimmy was disappeared by the CIA".
It occurs to me that this Leak could be used as the argument for why placing a backdoor into encryption is a bad idea. At some point in time - somebody will figure it out and leak it to the world.
The idea that the government is going to be trusted with these BIG secrets and they won't get out is preposterous. See see -- don't look over there!! Ignore the man behind the curtain.
It is "the CIA" when used in a sentence. Usage from the CIA website:
https://www.cia.gov/about-cia/...
Go get Wikileaks' "summary" of the first Vault7 release. You'll know you're on the right one because it's a list of bullet points.
Now get the actual first Vault7 release from Wikileaks. You'll have to do a little searching, but see for yourself if the summary (made to be released to the Western media) actually corresponds to anything in the Vault7 release itself.
You will be surprised, especially if you think Wikileaks is a force for transparency.
If you're really lazy, go read some posts by infosec experts and pro-privacy bloggers. They're already doing some of this work for you, and you will still be surprised at what they say. I don't want to spoil it by telling you.
You are welcome on my lawn.
A "witch hunt" doesn't mean there isn't a witch to find, it means that the mob is just as happy burning a witch as it is burning the innocent girl that happens to have a wart.
One of the biggest concerns for the federal government is if WikiLeaks publishes critical computer code on how operations are conducted, other hackers could take that code and cause havoc overseas.
Criminals that get ahold of this will loot AMERICA. This is exactly what every single security expert has warned against, pretty much since the internet existed.
But we can point to U.S. law that makes searching of one's property without a warrant illegal. And since that is WHAT they are using those vulnerabilities for, perhaps we should charge them under criminal law.
If the Russian hacker group Fancy/Cozy Bear turn out to U.S. operatives.
Setup Password-less Access to Another Machine via SSH (hey, I didn't knew the ssh-copy-id command): https://wikileaks.org/ciav7p1/... ; C Coding Conventions: https://wikileaks.org/ciav7p1/... ; iptables rule to drop packets randomly: https://wikileaks.org/ciav7p1/...
Graham is a eyewash/whitewash artist. Every thing he writes/types is in apologia for the duplicative, plausibly deniable, government departments of mercenaries-posing-as-patriots and he presents his fallacious messaging in gatekeeping fashion so as to say "Nothing to see here. Move along." His duplicitous writing has led to a tremendous amount of archive.is activity for a podunk blog because he keeps changing his messaging after people comment to call him out on his bullshit.
Please don't believe someone or adopt a consensus groupthink belief in someone's expertise just because that someone is proclaimed to be an "expert". More often than not, groupthink-proclaimed experts are compromised puppets who are carrying water for the-powers-that-shouldn't-be. Robert Graham ought to be considered to be a part of the overall problem, not someone clarifies it. Graham's effortless gatekeeping of the Vault 7 situation is an absolute whitewash that favors the "legitimate" spy stuff that the CIA carries out not against foreign adversaries, but against the taxpayers it claims it does things for in the interest of national security, interest of which it can neither confirm nor deny because an alert and avid citizenry is more dangerous than a placid and entranced citizenry.
What's the big deal? Nobody who's been paying attention is going to be surprised that the CIA and/or NSA developed viruses.
While I assume the CIA and NSA employ very good malware writers, I don't see any reason to think they're the best out there. It wouldn't surprise me at all to find out that the Russian ones are better. By putting a virus out there, without even a copyright notice, the CIA is asking for people to reverse-engineer it and understand it. Not all of these people have pure hearts and good intentions, and it's almost certainly possible to repurpose such malware. Improved malware defense means that the Russians and Chinese and Israelis and other people have more trouble hacking into our computers.
Also, once such a virus is published, it will become less effective. If the CIA/NSA efforts were competent, they'd have more and different malware waiting around to be used, so this wouldn't set CIA operations back for years.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Wasn't it pretty much all CIA assets and Saudis who attacked the country on 9/11? Drug smuggling into LA to support foreign regime changes? The CIA attacks its own country quite a bit.
Time to make it a federal crime for any organisation public or private that knows of vulnerabilities to fail to disclose those vulnerabilities to the vendor. Circumventing computer security and knowingly allowing vulnerabilities to persist is tantamount to sabotage enabling financial and reputational damage to organisations and individuals that use those computer systems/software. Class action?
Mainstream (News) Media.
Knowing that it's unavoidable isn't a reason to not be terrified. Refusal to look ahead and evaluate plausible outcomes is the only reason to not be terrified.
OTOH, being terrified isn't very useful. But knowing these things exist is why I keep hoping for an early singularity. I give us 50% chance of surviving the singularity as a technological species, but if we do thing may turn out very well (though, of course, unpredictably so). My current estimate is still 2030, though that's earlier than most predictions which are around 2050. I consider myself an optimist because if humans stay in charge I put our chances of survival as minimal to negligible. Then again this may be the most significant stage of the "Great Filter". Available evidence is inconclusive. (Another possibility is that virtual reality gets good enough that everyone forsakes meatspace. Another is that sex toys get attractive enough that we have a total population crash. There are also unpleasant possibilities.)
I think we've pushed this "anyone can grow up to be president" thing too far.
When making things illegal that shouldn't be and hinderance of participation in government is the norm, 8 illegalities is the general conduct of everyone.
When the government is so corrupt, as well as other prevailing conditions, how do you propose doing that effectively?
Just who do you think 'WE' are? The people whose task it is supposed to be to charge people with crimes is just as corrupt as the rest of the government.
Thank you. Now I know.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
Some will get patches in a relatively short time, however if history is any indication many will go unpatched and some will never be. Further, if the information is out there, but not made public, things get far worse.
WikiLeaks became the news before, on purpose with the intent to DISTRACT and change the conversations to the messengers instead of the messages. On top of that to send a signal to any future leakers or publishers or press.
WikiLeaks worked with 3 serious news organizations with their big leak before that got all the news and all we heard was attacks on Wikileaks and Manning. Discussing the act of leaking and punishment etc, purposely to take away from discussing the leaks themselves. The information itself when known justifies the leaking of it; so the goal is to avoid it and focus on imagined damages etc and attribution of BLAME to the wrong groups of people.
Democracy Now! - uncensored, anti-establishment news
If you read a little bit about the history of the CIA it appears that barrier was eroded away on day one or close to it. Hiring Mafia types (just like the postwar British spooks did with various criminals but without keeping them at arms length) did not appear to be a good idea and they never seems to have recovered from early mistakes like that despite things like Helms and Angleton being fired in the 1970s for the CIA's domestic activities.
Apparently those of us who don't know are "Cucks" or something.
It's a "Alt-right" woman hating angry virgin bit of terminology and those of us who have dared to kiss women are not in the in group to discuss how the mainstream media is at the root of all the evil that is not supplied by women and people who are not pale nordic types. Since they go on about it so often they have shortened it to MSM.
Don't worry, they'll have more confusing terms next week that we'll have to either work out or ignore.
The MSM abbreviation predates the alt-right by over a decade.
Linux, you magnificent bastard, I read the fucking manual!
Do you have a link for that? All the PCs/laptops in an area would be tens/hundreds of thousands. No way.
How can "Cucks" or "Cuck" be a woman hating term?
Cuckolding is a great example of unmitigated matriarchal control of sexuality and sexual expression. If you are a good liberal you will be happy to be a Cuckold as it demonstrates your support of feminism by allowing women to express their sexuality without patriarchal interference, judgement, or restriction.
When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
Of course the insult makes no sense. A bunch of woman hating virgins calling people cuckolds as their insult of choice shows how little sense they have and how utterly pathetic they are.
The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. We can develop anti-virus and intrusion-detection signatures based on this information that will defeat much of what we read in these documents
The government is using YOUR PROPERTY to eavesdrop on you, your family and the ones you love to be used as testimony against you when required but without legal permission or accountability. And your response is to suggest that it doesn't matter because we can probably defend ourselves against it in the future?
Prosecuting people in the CIA, for failing to disclose known security problems in products to the products' firms, right?
There's no time like the present. Well, the past used to be.
That's not how this works. How this does work: "What can be asserted without evidence can be dismissed without evidence." If you persist in being a lazy commenter, we'll move to the stage of the conversation where I casually assert that you like to have sex with farm animals in school playgrounds, since it's your now job to disprove the assertion made online. And while we're on the subject of debunking false narratives.....
Yes, Hillary setting up a email server was a disastrous, corrupt, arrogant decision for her to make. Dems think they're making a great point with the "but her emails!" meme, but all you're doing is highlighting the fact that Hillary had no business running for dog catcher of the DNC, much less POTUS.
Two years after savaging the Bush Administration, "Our Constitution is being shredded. We know about the secret wiretaps, the secret military tribunals, the secret White House email accounts" she was doing the same damn thing herself. If that wasn't bad enough, she kept her server after Republicans took the Senate in the 2010 elections, who then had the power to subpoena her.
Dem's like to whine that the GOP smear machine has had it out for her for a quarter of a century, which is true. But then how dumb of a fuck did she have to be to hand them a real scandal, one that could still send her to prison. Warmed over Vince Foster bullshit no longer needed, now you can prosecute her dumb ass for mishandling classified evidence and obstruction of justice, when she deleted thousands of emails before her server could be inspected. And you can skip all the tired excuses for Hillary's unsecured, unauthorized server when a man is currently serving time for taking selfies on his unsecured, unauthorized cell phone.
If her name was Hillary Johnson, she'd already be in prison serving 20 years - for obstruction of justice charges alone. Then Dems have the nerve to whine about Comey, when they should be thanking him for not perp walking her into an arraignment.