CIA Tricked Antivirus Programs, Claims WikiLeaks

Reader Mark Wilson writes: Today, WikiLeaks published the third installment of its Vault 7 CIA leaks. We've already had the Year Zero files which revealed a number of exploits for popular hardware and software, and the Dark Matter batch which focused on Mac and iPhone exploits. Now we have Marble to look at. A collection of 676 source code files, the Marble cache reveals details of the CIA's Marble Framework tool, used to hide the true source of CIA malware, and sometimes going as far as appearing to originate from countries other than the US. The source code for Marble Framework is tiny -- WikiLeaks has provided it in a zip file that's only around 0.5MB. WikiLeaks explains that the tool is used by the CIA to hide the fact that it is behind malware attacks that are unleashed on targets: "Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA. Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivalent of a specialized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA. Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code."

Re:convenient timing as usual from mr. diplomacy

That may be true, but these releases are still clearly meant to be more of a distraction than an attempt at fixing a problem. Kind of trivializes that point of view.

It is true. The CIA is a grave and existential threat to everything that the US stands for. They will stop at nothing to distract, and ultimately consolidate power. This is not power for the people, nor by the people, it is lawless power over the people.

Yeah but the CIA does a few "nice" things for us. I mean, if not for them it would be much harder to buy illegal drugs! They pretty much owned the LSD manufacturing (a truly complex process requiring specialized knowledge of organic chemistry). In the 80s they deliberately saturated poor African American neighborhoods with crack cocaine (as though those people didn't have it bad enough as it was). They import most of the illegal opiates including heroin too. As a matter of fact Afghanistan became one of the major producers of opium and opium products, once our regular military got rid of that pesky Taliban that strictly forbade such things.

Drugs being illegal means high profit margins! And every time the police shut down one of their upstart competitors they control even more of a given market. Seriously this is how they fund a lot of their black-ops, this way there's no accountability, no high-ranking Congresspeople with security clearances can see the real total of how much they're spending or everything they spend it on. They see only the more legitimate-looking line items, if they even have access to that much. Why, the only ones who lose are the regular people.

All of the above is documented and not a difficult research topic. It just isn't something the mass media is going to spoon-feed to you. For more fun and excitement (outrage) read up on MK-ULTRA some time. How do you cause law-abiding family men to suddenly go assassinate an inconvenient pest or just flip out and go on shooting rampages, effectively turning them into remote-control killers, sleeper agents who don't know they are sleeper agents? With Soviet-style brainwashing, of course! If you ever saw The Manchurian Candidate, that's very much how it is done.

Proprietary software: still untrustworthy.

[jbn-o]

The "guard dogs" were proprietary programs. Users of proprietary OSes (chiefly MacOS and Windows) were trusting one black box to "guard" against the ills of other black boxes (other likely proprietary programs running on the same system). This was always known to be foolish and this WikiLeaks release shows another indisputable example how this system is broken by design.

Software freedom (the freedom to run, share, inspect, and modify) is no guarantee against malware, life offers no such guarantees. As with other endeavors we can act to improve the odds in our favor for computers we own so we don't fall prey to the ills of proprietary software. We know that keeping secrets from computer users prevents them from controlling their own computers (this is the power of a proprietor and why proprietary software is released). When we have software freedom we increase the odds skilled software practitioners will identify malware, change the software to excise the malware, and release the improved software. One could even hire someone's skill and time to do this on their behalf.

But no such inspection, improvement, and release is legally permitted with proprietary software. Thus most computer users fall prey not only to the traps of proprietary software itself, but also to the traps built into the software, and the traps of the software ostensibly meant to guard from the ills of other malware. There's no good reason to have faith in one black box over another, trust that one black box will keep you safe while another is less trustworthy, or to continue choosing one master over another. It's easy, convenient, and untrustworthy to do as the proprietors want you to do. You can choose software freedom and invest in businesses working to provide you with practical hardware to make this an everyday reality that meets your computing needs. The Free Software Foundation's "Respects Your Freedom" list includes a high-powered X86 64-bit mainboard called the "Vikings D16 Mainboard" which looks particularly appealing for high-powered, high RAM ceiling systems. WikiLeaks continues to tell us all why we need hardware and software we can trust, software that respects our freedom—we see the consequences of not having trustworthy systems! We can choose to value software freedom for its own sake and we should. Investing in our own future in this way now portends big practical payoffs in the near and long-term future.