WikiLeaks document dump reveals CIA iPhone penetration team, insecurity of exploit library...
A new batch of 8,761 files was released on Tuesday by WikiLeaks that alleges that the U.S. Central Intelligence Agency has a dedicated iOS exploit team -- and lacks the ability to keep the attack vectors under lock and key.
According to the latest document dump by WikiLeaks, the CIA's Center for Cyber Intelligence (CCI) responsible for computer intrusion methods has over 5000 members. The group has allegedly targeted more than 10,000 individuals world-wide, spanning iOS, Windows, and Android devices including smart televisions.
The CIA obtained the hacks by either purchasing them on the open market, or by sharing information with the FBI, NSA, or U.K. GCHQ. WikiLeaks also alleges that the CIA "lost control" of the code archive -- which ultimately led to the release of the information to the group.
The "Vault 7" release covers 14 iOS exploits and penetration methods spanning iOS 4 through iOS 9.2, with some not requiring physical device access.
Overall, WikiLeaks claims that the Engineering Development Group inside the agency's CCI has produced more than 1000 hacking systems and "weaponized" malware. Reportedly, the codebase associated with the vectors is larger than Facebook's.
WikiLeaks has chosen to not distribute information on "armed" cyberweapons at this time until "a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published."
Other documents released in Tuesday's dump includes rules on how malware should be developed as to not point back to the CIA or U.S. government, how to avoid other nation's similar attempts, and how to exfiltrate mass amounts of data gathered in a successful attack.
According to the latest document dump by WikiLeaks, the CIA's Center for Cyber Intelligence (CCI) responsible for computer intrusion methods has over 5000 members. The group has allegedly targeted more than 10,000 individuals world-wide, spanning iOS, Windows, and Android devices including smart televisions.
The CIA obtained the hacks by either purchasing them on the open market, or by sharing information with the FBI, NSA, or U.K. GCHQ. WikiLeaks also alleges that the CIA "lost control" of the code archive -- which ultimately led to the release of the information to the group.
The "Vault 7" release covers 14 iOS exploits and penetration methods spanning iOS 4 through iOS 9.2, with some not requiring physical device access.
Overall, WikiLeaks claims that the Engineering Development Group inside the agency's CCI has produced more than 1000 hacking systems and "weaponized" malware. Reportedly, the codebase associated with the vectors is larger than Facebook's.
WikiLeaks has chosen to not distribute information on "armed" cyberweapons at this time until "a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published."
Other documents released in Tuesday's dump includes rules on how malware should be developed as to not point back to the CIA or U.S. government, how to avoid other nation's similar attempts, and how to exfiltrate mass amounts of data gathered in a successful attack.
Comments
Im sure the CIA knew about the remote jailbreak hack that's mentioned in this article:
http://www.vanityfair.com/news/2016/11/how-bill-marczak-spyware-can-control-the-iphone
If they used those tools against American citizens without proper court approval, that would be troubling.
But I'd also expect them to do a better job of keeping the tools secure. The fact that wikileaks may have gained access to these tools is troubling. Seems the three letter agencies need to improve security.
Since 9/11 our judicial and legislative branch of government are rushed to make decisions based on fear.
As long as these tools are used in legal ways against the citizens they serve we should feel good about it. Whether they do or not is a different story!
These tools have been leaked, they are available to be used by criminals, terrorists and foreign governments.
http://www.libertyheadlines.com/track-record-shows-obama-president-surveillance/?AID=7236
To still not accept this reality is on the individual business, institution or person. The writing has been on the wall for some time.
But I fully support a system in which law enforcement and intelligence agencies *that are genuinely acting to defend and protect citizens* hack the devices of criminal suspects, provided that they have permission from a judge, that probably cause has been established, basically all the good pre-911 stuff that we imagined protected us from tyranny.
Also, just to be clear, I do not support the FBI's desire to get a universal back door. They can hack all they want, but they can't force Apple to do their hacking for them.
Its hypocrisy. And more proof that no gov body can be trusted with backdoors, golden keys, etc..
1. CIA effectively ran a counter NSA department, when those functions are by law given to the NSA. This was done long ago to ensure that no one agency had too much spying power. This specific change was an Obama directive.
2. They Obama admin entered into a cooperative agreement with technology companies in 2010 to inform them of exploits, and then completely reneged on that arrangement.
3. This counter NSA group at CIA purposely left all of their weaponized software exploits as "unclassified" to circumvent procedures and legalities when using highly sensitive, classified weapons and state secrets directly or through any surrogates. This is not only highly illegal, totally shady but incredibly careless.
4. CIA cultivated a highly destructive arsenal in secret and against the law/their agency directive, and then completely failed to protect it.
5. Obama admin's knowledge and usage of these tools, along with their incredibly poor history with respect to US citizens' privacy rights/rule of law regarding evidence collection, but also clandestine activities in spying on other countries, but also domestic press (including reporters at both CNN & FoxNews).
6. Former Obama admin officials and supporters frequent vague claims of Russian hacking as a default response for information leaks and exposed embarrassing behavior by the admin, Clinton campaign and DNC.