2017-03-07: WikiLeaks Reveals CIA's Secret Hacking Tools and Spy Operations (betanews.com)
Mark Wilson, writing for BetaNews: WikiLeaks has unleashed a treasure trove of data to the internet, exposing information about the CIA's arsenal of hacking tools. Code-named Vault 7, the first data is due to be released in serialized form, starting off with "Year Zero" as part one. A cache of over 8,500 documents and files has been made available via BitTorrent in an encrypted archive. The plan had been to release the password at 9:00am ET today, but when a scheduled online press conference and stream came "under attack" prior to this, the password was released early. Included in the "extraordinary" release are details of the zero-day weapons used by the CIA to exploit iPhones, Android phones, Windows, and even Samsung TVs to listen in on people. Routers, Linux, macOS -- nothing is safe. WikiLeaks explains how the "CIA's hacking division" -- or the Center for Cyber Intelligence (CCI) as it is officially known -- has produced thousands of weaponized pieces of malware, Trojans, viruses and other tools. It's a leak that's essentially Snowden 2.0. In a statement, WikiLeaks said the CIA has tools to bypass the encryption mechanisms imposed by popular instant messenger apps Signal, Confide, WhatsApp (used by more than a billion people), and Telegram.
No need for zero-day exploits when Donnie's using a four-year-old Samsung that's probably got more holes than Jeff Sessions' Congress testimony.
Ever heard of the phrase "An angry man is an enemy, and a satisfied man is an ally"?
Legality is EXTREMELY questionable. (ianal)
Obviously. That you think the government, any government, should be prohibited from using tools to monitor/spy/whatever on others would defeat the whole purpose of intelligence gathering. They have to use these means to find out what they don't know. It's their job.
Do you think Russia isn't doing the same thing? Are you going to whine about them doing this? How about Israel? What excuse will you use to justify them doing this but not the U.S.? How about we go
how would we know? (Score:2, Interesting)
How would we know these are the CIA tools and not ones the Russians released to Wikileaks and fooling them into thinking they are the CIA tools? Or that Wikileaks knows they are Russian and is simply lying?
Does it matter now the CIA is under Kremlin control?
Re:how would we know? (Score:5, Insightful)
Wikileaks is one of the few remaining upstanding journalistic organizations. They wouldn't waste their credibility on false flags. We already know the US uses Cellebrite hacks and when asked to reveal the constitutionality of the process they simply refuse and drop the case. We have unconstitutional courts without defense, jury or oversight for domestic cases, how do you think they behave when they don't have to conform to the constitution.
Wikileaks is just Assange (Score:1)
"upstanding journalistic organizations"
Nah, they're Julian Assange, and he'll leak anything that comes his way that looks juicy. In this case it will be the same source as his DNC leaks, i.e. Russian intelligence using him as an outlet.
The timing is telling, Trump just did a "Obama spied on me to interfere with the elections" thing. Who hacked the elections? Well the US spies say it was Russia, but POTUS says it was Obama. That fell flat on its face. And now from the same source, a lot of CIA zero day expl
How would we know these are the CIA tools and not ones the Russians released to Wikileaks and fooling them into thinking they are the CIA tools?
Visit TFA. Download the torrent. Analyze the data. Make up your own mind. Or, like most of us, wait for some reputable hearties to do it for you.
But hardly unexpected it seems to me.
Does it include targets? (Score:2)
The interesting thing would be to see the targets. Given it's the CIA, they are only authorized to surveil targets foreign to the US. The problem with malware and high tech devices is that they cannot always be accurately contained. So how many US citizens and US allies were "inadvertently" tapped? How about political targets?
WARNING: Intel CPU backdoored (Score:2, Informative)
Your Intel CPU is already backdoored
Forget security, your Intel CPU is already backdoored and it is wide open.
Remember, *3 Billion devices run JAVA*, and your motherboard backdoor is running it.
REcon 2014 - Intel Management Engine Secrets [youtube.com]
32c3 Intel backdoor live hack demonstration, keystrokes logged and downloaded over wire, wireshark can't detect:
Towards (reasonably) trustworthy x86 laptops [youtube.com]
Tools to remove Intel backdoor firmware:
https://github.com/corna/me_cleaner [github.com].
Neutralize your Intel backdoor:
Neutralize ME firmware on SandyBridge and IvyBridge platforms [hardenedlinux.org]
First introduced in Intel’s 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH (for Core i3/i5/i7 which is integrated with northbridge).
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system’s memory as well as to reserve a region of protected external memory to supplement the ME’s limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can’t be ignored.
https://hackaday.com/tag/intel-management-engine/ [hackaday.com]
Five or so years ago, Intel rolled out something horrible. Intel’s Management Engine (ME) is a completely separate computing environment running on Intel chipsets that has access to everything. The ME has network access, access to the host operating system, memory, and cryptography engine. The ME can be used remotely even if the PC is powered off. If that sounds scary, it gets even worse: no one knows what the ME is doing, and we can’t even look at the code. When – not ‘if’ – the ME is finally cracked open, every computer running on a recent Intel chip will have a huge security and privacy issue. Intel’s Management Engine is the single most dangerous piece of computer hardware ever created.
Intel Active Management Technology [wikipedia.org]
Almost all AMT features are available even if the PC is in a powered-off state but with its power cord attached, if the operating system has crashed, if the software agent is missing, or if hardware (such as a hard drive or memory) has failed.[1][2] The console-redirection feature (SOL), agent presence checking, and network traffic filters are available after the PC is powered up.[1][2]
The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional[29] part in all current (as of 2015) Intel chipsets.[30] According to an independent analysis by Igor Skochinsky, it is based on an ARC core, and the Management Engine runs the ThreadX RTOS from Express Logic. According to this analysis, versions 1.x to 5.x of the ME used the ARCTangent-A4 (32-bit only instructions) whereas versions 6.x to 8.x use the newer ARCompact (mixed 32- and 16-bit instruction set architecture). Starting with ME 7.1, the ARC processor can also execute signed Java applets. The ME state is stored in a partition of the SPI flash, using the Embedded Flash File System (EFFS).[31]
The ME has its own MAC and IP address for the out-of-band interface, with direct access to the Ethernet controller; one portion of the Ethernet traffic is diverted to the ME even before reaching the host's operating system
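The comment above says the ME firmware lives in its own partition of the SPI flash and points at me_cleaner as the tool for removing it. The following is an added example (it is not from the page, from me_cleaner, or from Intel) showing the first thing such a tool has to do: walk the Intel Flash Descriptor at the start of a flash dump to find where the ME region is, then look for the ME's $FPT partition table inside it. The descriptor layout (signature 0x0FF0A55A at offset 0x10, region table address in FLMAP0, 4 KiB base/limit fields in each FLREG entry) follows Intel's published descriptor format; the FPT layout assumed here (marker at offset 0x10 of the ME region, entry count at 0x14, 0x20-byte partition entries starting at 0x30 with a 4-byte name and offset/length at +8) is the pre-ME-11 layout as read by me_cleaner, stated as an assumption. The 2 MiB flash image is constructed in the code, not a real dump, and `disable_me_region` only marks the region unused in the descriptor to illustrate the edit; it does not wipe firmware or set the AltMeDisable/HAP bit.

```python
"""Locate and inspect the Intel ME region in an SPI flash dump (added example)."""
import struct

IFD_SIGNATURE = b"\x5a\xa5\xf0\x0f"   # 0x0FF0A55A little-endian, 0x10 bytes into the descriptor
REGION_NAMES = ["Descriptor", "BIOS", "ME", "GbE", "Platform Data"]
UNUSED_FLREG = 0x00001FFF             # base 0x1FFF, limit 0: the encoding for "no region"


def find_descriptor(image: bytes) -> int:
    """Return the offset of the flash descriptor; only the head of the image is searched."""
    pos = image.find(IFD_SIGNATURE, 0, 0x10000)
    if pos < 0:
        raise ValueError("no Intel Flash Descriptor found")
    return pos - 0x10


def parse_regions(image: bytes) -> dict:
    """Decode FLREG0..FLREG4 into {name: (start, end_exclusive)} in bytes."""
    ifd = find_descriptor(image)
    (flmap0,) = struct.unpack_from("<I", image, ifd + 0x14)
    frba = ((flmap0 >> 16) & 0xFF) << 4          # Flash Region Base Address, 16-byte units
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        (flreg,) = struct.unpack_from("<I", image, ifd + frba + 4 * i)
        base = (flreg & 0x1FFF) << 12             # bits 12:0, 4 KiB units
        limit = ((flreg >> 16) & 0x1FFF) << 12 | 0xFFF   # bits 28:16, inclusive limit
        regions[name] = (base, limit + 1)         # limit < base means the region is unused
    return regions


def inspect_me(image: bytes) -> dict:
    """Report whether the ME region exists, is disabled, and which FPT partitions it lists."""
    start, end = parse_regions(image)["ME"]
    if start >= end:
        return {"present": False, "disabled": True, "partitions": []}
    me = image[start:end]
    if me[0x10:0x14] != b"$FPT":                  # assumed FPT marker position (me_cleaner)
        return {"present": True, "disabled": False, "partitions": [], "note": "no $FPT marker"}
    (entries,) = struct.unpack_from("<I", me, 0x14)
    parts = []
    for i in range(entries):
        off = 0x30 + 0x20 * i                     # assumed: entries follow the 0x20-byte header
        name = me[off:off + 4].rstrip(b"\x00").decode("ascii", "replace")
        p_off, p_len = struct.unpack_from("<II", me, off + 8)
        parts.append((name, p_off, p_len))
    return {"present": True, "disabled": False, "partitions": parts}


def disable_me_region(image: bytes) -> bytes:
    """Return a copy with FLREG2 (ME) marked unused; illustration of the descriptor edit only."""
    out = bytearray(image)
    ifd = find_descriptor(image)
    (flmap0,) = struct.unpack_from("<I", image, ifd + 0x14)
    frba = ((flmap0 >> 16) & 0xFF) << 4
    struct.pack_into("<I", out, ifd + frba + 8, UNUSED_FLREG)
    return bytes(out)


def build_sample_image() -> bytes:
    """Constructed 2 MiB image: descriptor 0x0-0xFFF, ME 0x1000-0xFFFFF, BIOS 0x100000-0x1FFFFF."""
    img = bytearray(b"\xff" * 0x200000)
    frba = 0x40
    img[0x10:0x14] = IFD_SIGNATURE
    struct.pack_into("<I", img, 0x14, (4 << 24) | ((frba >> 4) << 16) | 0x03)  # NR=4, FRBA, FCBA

    def flreg(base, limit):                       # encode byte addresses as a FLREG word
        return ((limit >> 12) << 16) | (base >> 12)

    struct.pack_into("<I", img, frba + 0, flreg(0x0, 0xFFF))
    struct.pack_into("<I", img, frba + 4, flreg(0x100000, 0x1FFFFF))
    struct.pack_into("<I", img, frba + 8, flreg(0x1000, 0xFFFFF))
    struct.pack_into("<I", img, frba + 12, UNUSED_FLREG)   # GbE absent
    struct.pack_into("<I", img, frba + 16, UNUSED_FLREG)   # PDR absent
    me = 0x1000                                   # fake ME region with a two-entry $FPT
    img[me + 0x10:me + 0x14] = b"$FPT"
    struct.pack_into("<I", img, me + 0x14, 2)
    for i, (name, off, ln) in enumerate([(b"FTPR", 0x1000, 0x80000), (b"MFS\x00", 0x81000, 0x40000)]):
        e = me + 0x30 + 0x20 * i
        img[e:e + 4] = name
        struct.pack_into("<II", img, e + 8, off, ln)
    return bytes(img)


if __name__ == "__main__":
    sample = build_sample_image()
    for name, (s, e) in parse_regions(sample).items():
        print(f"{name:14s} {s:#09x}-{e - 1:#09x}" if s < e else f"{name:14s} (unused)")
    print(inspect_me(sample))
    print(inspect_me(disable_me_region(sample)))
```

Run it against a real dump (for example one taken with flashrom) and the region table will be real; whether the $FPT parse is right depends on the ME generation, which is exactly why me_cleaner carries per-version logic that this example omits.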
What about vaults 1 through 6?
Maybe Wikileaks are counting down?
Hi CIA (Score:2)
https://wikileaks.org/ciav7p1/... [wikileaks.org]
Reading list
A list of websites I like to check out to stay up to date and get new ideas:
General
http://reddit.com/r/netsec [reddit.com] along with all the other good subreddits (RE, forensics)
http://thehackernews.com/ [thehackernews.com]
http://slashdot.org
Forensics
http://swiftforensics.com/ [swiftforensics.com]
Ha, ha, hello CIA friends, I hope you've enjoyed all my ENTIRELY SATIRICAL posts over the years that may have appeared to the slow of wit to be critical of the government and the Agency, but were in fact entirely in jest. I'm sure you had a good chuckle all the times I COMPLETELY IRONICALLY referred to you as lying liars who lie about your lies to bring us into war under false pretenses...over and over again.

Anywho, keep up the good work, friends!
Revolution T- 20 (Score:3)
Now we just shrug cry and accept.
Re: (Score:2)
The Americans make plenty of people disappear both foreign and domestic. You could've claimed the same during the Cold War, where are the Russian missiles and subs - turns out they never had quite as much as they claimed. North Korea can't even put a rocket together, something American engineers do for fun and games in their back yard.
Re: (Score:2)
Er, drone strikes, renditions, black sites, Guantanamo, waterboarding, parallel construction....
Haxx0ring attribution (Score:2)
From the press release: [wikileaks.org]
UMBRAGE
The CIA's hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity.
This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon as one murder in the set is solved, then the other murders also find likely attribution.
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA can not only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.
Uh oh. So combine with:
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
Doesn't that make attributing the source of a hack based on exploit fingerprinting essentially meaningless? If a motivated hacker had access to this trove, and therefore Umbrage, and say they wanted to hack the email server of a US political party, could they not simply leave behind a Russian fingerprint in order to implicate them?
Always seemed strange to me the DNC hackers used a Russian VPN. Isn't the first rule of haxx0ring to be behind 7 proxies? And the la
Trump complains about wiretaps, just ask the NSA (Score:1)
I expect privacy and anonymity, but I know I do not have right
