Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Government Intel Privacy Security Software Technology

The CIA Built a Fake Software Update System To Spy On Intel Partners (theverge.com) 110

Documents published by Wikileaks reveal a secret project to siphon out data through its technical liaison service, dating back to 2009. The Verge reports: The program, called ExpressLane, is designed to be deployed alongside a biometric collection system that the CIA provides to partner agencies. In theory, those partners are agreeing to provide the CIA with access to specific biometric data -- but on the off-chance those partners are holding out on them, ExpressLane gives the agency a way to take it without anyone knowing. ExpressLane masquerades as a software update, delivered in-person by CIA technicians -- but the documents make clear that the program itself will remain unchanged. Instead, the program siphons the system's data to a thumb drive, where agents can examine it to see if there's anything the partner system is holding back. If the partners refuse the phony update, there's a hidden kill-switch that lets agents shut down the entire system after a set period of time, requiring an in-person visit to restore the system.
This discussion has been archived. No new comments can be posted.

The CIA Built a Fake Software Update System To Spy On Intel Partners

Comments Filter:
  • Lol (Score:5, Insightful)

    by Jesus H Rolle ( 4603733 ) on Friday August 25, 2017 @03:14AM (#55080935)
    Guess who's going to prison... nobody!
    • Let's say that that partner agency is the FBI and the FBI takes this to mean that the CIA was illegally grabbing domestic data in direct violation of laws governing "US Persons Data" and the FBI's own guidelines (that were referenced in the memorandum of understanding). You better bet that someone in their leadership is at least raising the issue of prosecuting the CIA folks responsible, if for no other reason than "we're the FBI and you don't fucking spy on the FBI without consequences."

    • by Anonymous Coward

      You're forgetting about the family of the poor corpse that snitched on this once they find him.

  • by Anonymous Coward on Friday August 25, 2017 @03:17AM (#55080943)

    This would never happen in the US of A!

  • by Anonymous Coward on Friday August 25, 2017 @03:21AM (#55080945)
    Intel... PCI Express Lanes... why's the CIA spying on Intel and its partners?
    • Re: (Score:3, Insightful)

      why's the CIA spying on Intel and its partners?

      It's usually just plain called "Industrial Espionage".

      The CIA will claim it is necessary to ensure US military technology superiority against any potential threats.

      Victims of Industrial Espionage see it differently . . . the whole point is to "help out" US tech companies compete against foreign folks. To return the favor, the US tech companies "help out" the CIA/NSA if they need any back doors in their products.

      • The parent post was ironic: the headline says "Spying on Intel Partners," but in this case, the word "Intel" is headline-ese for "Intelligence partners"-- it has nothing to do with Intel, the corporation that makes computer chips.

        If you'd read the subject of the comment, that would have been clear.

        Whoosh!

    • by msauve ( 701917 ) on Friday August 25, 2017 @07:04AM (#55081497)
      "why's the CIA spying on Intel and its partners?"

      So they can use Intel's Management Engine [slashdot.org] to spy on the rest of us.
    • I have servers at home. and so, they are probably spying on my 8x as much.

  • by Anonymous Coward

    The only thing with word "express" on my drive is "nero express." So am good.

  • by execthis ( 537150 ) on Friday August 25, 2017 @03:29AM (#55080973)

    These leaks are really alarming. Why has this been happening? Who is accountable for it? Did this occur under Obama's watch (or failure thereof)?

    • by ewanm89 ( 1052822 ) on Friday August 25, 2017 @04:30AM (#55081097) Homepage

      Yes! These damning leaks need to stop, how can we commit abuses against our own citizens otherwise. Don't worry, I'm sure the CIA only used this on foreign Intel partners in this case. We are already trying to work out who is responsible for leaking the document do we can charge them with espionage and treason.

      • by rtb61 ( 674572 )

        How about Intel investors, how do you think they will feel, knowing their asset has been so cavalierly risked because there will be repercussion in the international market. Intel clearly can not be trusted and will commit acts of treason in other countries to serve the corrupt deep state within the US government. Yeah, when you do it in other countries it is far worse, espionage and treason, real repercussions, not to mention the complete destruction of trust. Keep in mind this release of information is be

        • This is about US government agencies with whom the CIA partners to provide tech support for biometrics. As I read it, they simply had a kind of backdoor way to collect the data that the partner agencies were supposed to be collecting anyway.

          This is not about the Intel the company, foreign governments, nor about spying on US citizens. :-)

        • By Intel partners they mean intelligence partners ;) You know, foreign intelligence agencies, private intelligence agencies, other US intelligence agencies, contractors they use to build their own door biometric authentication systems...

      • You're damn right these leaks need to stop! I have just the person to do it too, he's known world-wide for his exploits, too! You probably heard of him, his name is Mario!

    • Wait, when you say "intel secrets" do you mean "intel secrets" or "Intel secrets"? I'm confused.

    • Who is accountable for it?

      No one. When it comes to espionage there is no prosecution.

  • probably deserves to be taken advantage of, but not the people whose data they handle.

  • by Anonymous Coward

    Why is anyone so surprised?

  • Is this news? (Score:3, Interesting)

    by jandersen ( 462034 ) on Friday August 25, 2017 @04:17AM (#55081077)

    Wouldn't it be more surprising to hear that CIA genuinely didn't spy on everybody and never did things they weren't supposed to? They are a spy agency - it is their job.

    • by AmiMoJo ( 196126 )

      True, but Intel are probably somewhat bummed that people have lost trust in them because apparently they can't secure their updates against hacking. If the CIA can do it, we should probably assume that they have been pwned by the FSB, North Korea and some 14 year old kid.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      "Spying on everybody and doing things they aren't supposed to" is not their job, the same way that "shooting everybody and doing things they aren't supposed to" is not the army's job. The CIA is an intelligence agency - that naturally involves plenty of spying, but two things they specifically should not be doing are: "spying on everybody" and "things they aren't supposed to".

  • by Ross Taylor ( 4829601 ) on Friday August 25, 2017 @04:38AM (#55081113)
    I was wondering why the CIA were involved in domestic industrial espionage
  • I am not shocked (Score:3, Interesting)

    by cpbright ( 4681855 ) on Friday August 25, 2017 @07:13AM (#55081541)
    I am not shocked. Trusting the government is like trusting the scorpion on your back while swimming across the river.
  • ....Microsoft's update program.

    I guess we know where they learned the technique.

    • by hey! ( 33014 )

      Nostalgic, I see.

      I've put a blink tag in this response for you. Slashcode will filter it out and in any case your browser probably doesn't honor it, but you'll know it's there.

  • you get up with fleas.

  • I believe that any large software company has agents inside it whether they know it or not. I could be wrong but governments seem to feel compelled to get involved in any form of conversation.
    • You are correct, and every major software company is very aware of that. Most of them, though, just let it happen.

The trouble with money is it costs too much!

Working...