CIA Tricked Antivirus Programs, Claims WikiLeaks (betanews.com)
Reader Mark Wilson writes: Today, WikiLeaks published the third installment of its Vault 7 CIA leaks. We've already had the Year Zero files which revealed a number of exploits for popular hardware and software, and the Dark Matter batch which focused on Mac and iPhone exploits. Now we have Marble to look at. A collection of 676 source code files, the Marble cache reveals details of the CIA's Marble Framework tool, used to hide the true source of CIA malware, and sometimes going as far as appearing to originate from countries other than the US. The source code for Marble Framework is tiny -- WikiLeaks has provided it in a zip file that's only around 0.5MB. WikiLeaks explains that the tool is used by the CIA to hide the fact that it is behind malware attacks that are unleashed on targets: "Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA. Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivalent of a specialized CIA tool to place covers over the English language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA. Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code."
One Thing is Perfectly Clear (Score:5, Insightful)
Our Guard Dogs have turned on us ... and they have rabies.
Re: One Thing is Perfectly Clear (Score:5, Insightful)
This is what JFK concluded, shortly before he was assassinated
Re: (Score:2)
This is starting to get silly...I'm beginning to think that the next leak is going to include evidence that the CIA plants dime sized listening devices in people's houses.
The CIA is and always has been a spy organization, and they've always spied on foreign targets. I'm still waiting for evidence that any of this was used on US citizens.
Yes, the NSA spying was bad, and Snowden was right to leak it, because they were in fact spying on US citizens. The CIA isn't though; the CIA is merely doing what they've al
Re: (Score:2, Insightful)
That certainly doesn't follow from this story.
Are you saying that we shouldn't have a spy agency, or that they shouldn't create and use malware, or that their malware should say it's from them, or what?
I'm a different AC. I would be just fine with entirely disbanding the CIA, and allowing such a thing only during times of war (as in, "Congress has declared war on X nation", you know, the way it's supposed to work?), and even then, to keep them on a very short leash. I'll gladly take that risk, no problem.
Want to prevent most foreign aggression (both official and terroristic) against the US? That's easy. Don't fuck with Russia. Don't fuck with China. For fuck's sake, STOP fucking with the Middle East. Yes
Re: (Score:2, Insightful)
Yes that means stop using the CIA to do things like overthrow the democratically elected governments of nations such as Iran.
This really happened of course, during the 1950s. It's documented, acknowledged history.
Terrorists don't "hate us for our freedoms". They hate us because we want so badly to believe that our government is "of the People, by the People, and for the People" and responds to the will of the People that we tell the whole world that's the system we have. Thus, when our government creates revolutions, trains and equips Al-Qaeda and the Mujahideen, tries and fails to assassinate Castro and Saddam Hussein, then g
Re: (Score:2)
Terrorists don't "hate us for our freedoms".
That depends on the terrorist. Some of them very much do. Al-Qaeda and ISIS, given the chance, would kill you simply for not converting to Islam in most cases. In the few cases where they don't, then they'd let you get by if you paid a jizya and obeyed sharia law.
Either way, that is hating your freedom to not be subject to their religion. You can argue all you want about America did this or America did that, but they give the exact same treatment to non-Americans as well, so it's an entirely moot point.
Proprietary software: still untrustworthy. (Score:4, Informative)
The "guard dogs" were proprietary programs. Users of proprietary OSes (chiefly MacOS and Windows) were trusting one black box to "guard" against the ills of other black boxes (other likely proprietary programs running on the same system). This was always known to be foolish and this WikiLeaks release shows another indisputable example of how this system is broken by design.
Software freedom (the freedom to run, share, inspect, and modify) is no guarantee against malware, life offers no such guarantees. As with other endeavors we can act to improve the odds in our favor for computers we own so we don't fall prey to the ills of proprietary software. We know that keeping secrets from computer users prevents them from controlling their own computers (this is the power of a proprietor and why proprietary software is released). When we have software freedom we increase the odds skilled software practitioners will identify malware, change the software to excise the malware, and release the improved software. One could even hire someone's skill and time to do this on their behalf.
But no such inspection, improvement, and release is legally permitted with proprietary software. Thus most computer users fall prey not only to the traps of proprietary software itself, but also to the traps built into the software, and the traps of the software ostensibly meant to guard from the ills of other malware. There's no good reason to have faith in one black box over another, trust that one black box will keep you safe while another is less trustworthy, or to continue choosing one master over another. It's easy, convenient, and untrustworthy to do as the proprietors want you to do. You can choose software freedom and invest in businesses working to provide you with practical hardware [fsf.org] to make this an everyday reality that meets your computing needs. The Free Software Foundation's "Respects Your Freedom" list includes a high-powered X86 64-bit mainboard called the "Vikings D16 Mainboard" which looks particularly appealing for high-powered, high RAM ceiling systems. WikiLeaks continues to tell us all why we need hardware and software we can trust, software that respects our freedom—we see the consequences of not having trustworthy systems! We can choose to value software freedom for its own sake and we should. Investing in our own future in this way now portends big practical payoffs in the near and long-term future.
Re: (Score:2)
The advantage of open source is it is very hard to sneak stuff in or leave bugs in there because every country across the board can take a squiz http://www.dictionary.com/brow... [dictionary.com] at the code, unlike closed source. So when they find a bug, it is not like they can secure their own without the rest finding out, so in spy vs spy open source tends by the nature of its design to be neutral territory (not that they would not hack it but secure it for one, secure it for all and blindly hoping the fully visible bug
Re: (Score:1)
That may be true, but these releases are still clearly meant to be more of a distraction than an attempt at fixing a problem. Kind of trivializes that point of view.
It is true. The CIA is a grave and existential threat to everything that the US stands for. They will stop at nothing to distract, and ultimately consolidate power. This is not power for the people, nor by the people, it is lawless power over the people.
CIA *is* Russia (Score:5, Interesting)
The CIA is a bigger threat to us than Russia is.
I think you're missing a key point here: The CIA threat *is* the Russia threat.
Consider the balance of evidence: Putin says the Clinton leaks did not come from Russia, Julian said specifically that he knew where the Clinton leaks came from and that it wasn't Russia, the US evidence that the Clinton leaks came from Russia can be summed up as "it's something they would do".
And now we find out that the CIA can leak whatever they want and make it *look* like it came from Russia.
Also, they are one of the government agencies who claims that the leaks came from Russia.
Now, I don't have any evidence that the CIA is leaking things and making it appear as if Russia did it, but this has to make us question whether we can trust *any* government pronouncement of where some leak or another came from.
All this "the Russians did it!" can now be completely ignored as an ad-hominem attempt to lead attention away from the actual data that was leaked.
We don't know *who* leaked it, because for all we know it was our own security agency.
(And need I point out that GCHQ, Russian intelligence, and a host of other players could probably do the same thing.)
Re: (Score:1)
The CIA is a bigger threat to us than Russia is.
Sure, right. Because Wikileaks has also given us equivalent info on Russian espionage.
Wait, they haven't? What's going on here?
Re: (Score:2)
https://search.wikileaks.org/?... [wikileaks.org]
Mebbe there's no equivalent info on Russia because they have less of a corrupt, lawlessness problem with their government than we have here in America.
Some people just don't understand that there's little excuse for not knowing almost anything you want these days...
Re:convenient timing as usual from mr. diplomacy (Score:5, Insightful)
Remind me, where is Snowden, now?
Right where the US knowingly forced him to be. Snowden didn't want to seek refuge in Russia, the US gave him no choice by yanking his passport when/how they did. It's easier for the US intelligence services and their propaganda mouthpieces to dismiss Snowden's revelations to the low-info US public that way.
Russia is on the offensive on the internet...
When has Russia, or every other major power including the US for that matter, NOT been on the offensive on the internet?
...deeply implicated in Trump and Brexit elections.
Innuendo and conjecture unsupported by verifiable facts. Just as likely, if not more so, that it was British and US intelligence services attempting to interfere, if anyone was. They'd have more to gain (or lose), actually.
Strat
Re: (Score:1)
Innuendo and conjecture unsupported by verifiable facts.
Politics does not operate by means of verifiable facts. I'm not sure if it has ever worked that way, except MAYBE in small-scale democracies like Athens where important offices were assigned by lottery. Even then ...
No, politics at the individual level is governed by two major things: what someone has been taught to believe and never seriously questioned, and what someone really wants to believe. To give an easy example, a lot of people want to believe that banning guns will work in the USA. If you poi
Redirecting the discussion (Score:5, Insightful)
Julian's a Russian asset. He might've had the best intentions at some point, but it's very difficult to realize them while staring down the barrel of a figurative or literal gun. His omissions, timing, and deeply misleading editorialism are equally as powerful as printing blatant falsehoods.
And by that you mean that his release isn't authentic?
Or maybe that it isn't important? Or interesting? Or valuable to society?
And I have to wonder, just how is it that you know his intentions? Or that he's a Russian asset?
You mention "printing blatant falsehoods". Do you have references, sources, rationalization, or... in fact... *anything* to support what you just said?
Someone always tries to direct the conversation away from the issues and to the person making the claim.
Does this work on Slashdot? Can we get everyone talking about the merits of Julian Assange at the top of the discussion, pushing any real debate down "below the fold" so fewer people see it?
Re: (Score:1)
And you're a CIA asset, it seems.
Look: Putin's an authoritarian asshole. The FSB is out of control, and Russian government is pushing their power agenda, among other at the Russian's cost (excepting the few ultra rich). We know that.
But what the fuck has this to do with the fact that our secret services are out of control, a state within the state, and that we have to do something about it, if we want to keep our democracies in working order -- more or less.
Why are you trying to derail the discussion? Let'
Russian hackers? (Score:2, Insightful)
Re: (Score:2)
no no, Sony was hacked by North Korean hackers on their c-64s
Yes, and others (Score:2)
Typical espionage tactics (Score:2)
Alan Turing would've been proud (Score:2)
Alan Turing would've been proud of the work American (and British) intelligence agencies are doing in the area of computers and communications.
And whoever leaked the information to adversaries would've been shot in Alan Turing's times... For treason.
Synzronvg zl gnvy...
Re: (Score:2)
Alan Turing would've been proud of the work American (and British) intelligence agencies are doing in the area of computers and communications.
But if he realized that the 'work' was being used against their own citizens, he would likely have burned not only his own work, but also the entire Bletchley Park complex to the ground and then shot himself after making sure the facts surrounding his actions went public.
Strat
Re: (Score:2)
There is nothing about that in TFA. We do know about Obama making it easier [circa.com] for his top staff to learn about — and inevitably leak [reason.com] — some such intelligence pertaining to US citizens [circa.com], but it is still an awesome tech.
No, I'm confide
Re: (Score:1)
...he would've preferred the "domestic spying" -- however appalling by itself -- to Hitler's victory.
What's the difference, outside of an obsession with killing Jews, if the methods and results are ultimately nearly the same for regular people? Whether it's the CIA, MI5, or the Nazi SS violating your rights and killing/imprisoning you, you're still just as screwed.
Strat
Re: (Score:2)
There is a lot more to why we love Nazis, than the SS. And, of course, in reality neither CIA nor MI5 are anywhere close to them in the "killing/imprisoning
Re: (Score:2)
As far as the CIA/MI5 "not being anywhere close", in many areas I would disagree. In fact, in some areas they've exceeded the wildest dreams of all the dictators and tyrannies of the 20th century. With the widespread use of "Predator"-type weapons systems in the military and the push for domestic law enforcement use of drones, it seems only a matter of time before they exceed yet more past dreams of tyrants.
And as
Re: (Score:2)
"In some ways", maybe — because of the technology advances. But not in the killing/imprisoning part.
As for the rest, I remind you of the Godwin's Law [killfile.org] once again... Farewell.
My sub is better, missing key fact. (Score:3, Insightful)
The key fact is it disguises the original malware writers in Chinese, Russian, Korean, Arabic and Farsi.
Wikileaks Vault 7 Part 3 has released the CIA's Marble framework that is used to disguise the origin of malware. Specifically it is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop."
https://slashdot.org/submissio... [slashdot.org]
Brings up a key point: if the CIA does this, other countries do the same thing.
Do you really think Russia would sprinkle their hacked documents with Fancy Bear and Cozy Bear?
Strings (Score:2)
How dastardly! These CIA hackers wrote a program that takes the "Copyright 2011 CIA" strings in executables and replaces them with Chinese copyright notices!
On the other hand, it's nice that the CIA was putting origin-identifying strings into the binaries in the first place (so they exist to be removed or changed). If I were running a spy agency, I'm not sure I would have thought to do that.
What the source code could show? (Score:2)
Re: (Score:2)
Cold litter ate my source code.
Wikileaks summaries are propaganda (Score:2)
Why aren't people paying attention? Wikileaks summaries are always just propaganda, intentionally misleading to work up conspiracy theorists. It's clever though, it's based on half-truths, but it's generally nothing in the end. They look over their info for weeks to write their summary, then dump a huge amount of info that no one can reasonably read quickly, so the media just publishes the Wikileaks summary.
Just wait a few days, the truth will come out to be something extremely boring. Ah, but who follo