Jump to content
IGNORED

VAULT7 [Wikileaks vs. CIA]

YO303

By YO303
in General Banter

Recommended Posts

YO303 Grand Master

YO303

Posted
Posted

strap in boys 

 

 

 

WikiLeaks is known for its cryptic messages, but the latest #Vault7 tweets may be among the most mysterious. WikiLeaks’ Twitter account just recently started tweeting #Vault7 messages with cryptic photos, and no one is quite sure what WikiLeaks is hinting about. The tweets are sparking all sorts of theories ranging from post-apocalyptic in nature to theories that are more conspiracy-laden. We’ve gathered the photos and tweets and are sharing the latest theories and analysis.

 

http://heavy.com/tech/2017/02/what-is-vault-7-wikileaks-theories-vault7-tweets-photos-analysis-clues-twitter-who-where-when-why-how/

 

im so overwhelmed by the bullshit going on I might just go off the grid forever lol 

Link to comment
Share on other sites
  • Replies 68
  • Created
  • Last Reply
YO303 Grand Master

YO303

Posted
  • Author
Posted

yawn

 

 

we'll see

 

I want this to be boring as fuck I don't want chaos but if Wikileaks is truly under Russian control then this might be the thing that sends the western world into total chaos 

Link to comment
Share on other sites
peace 7 Grand Master

peace 7

Posted
Posted

I could tell you why there is a 7 in my username- and what vault 7 is- but most people won't believe that shit.

 

The point is, we all just gotta make the best of our lives, mang.  We all just gotta make the best of our lives.  BUT when we do, the truth comes to light.  The truth of it all.

 

It's much easier to be a lazy, though.

Link to comment
Share on other sites
  • 4 weeks later...
caze Grand Master

caze

Posted
Posted

So it's just details about the kinds of hacking tools everyone already knew they (and most other big governments) had? yep, yawn (though presumably the details will be interesting for security ppl).

Link to comment
Share on other sites
YO303 Grand Master

YO303

Posted
  • Author
Posted

yawn? since when this kind of stuff became "yawn" on internet forums? what happened to all the privacy warriors? what happened to informed electors? i dont understand this world anymore

 

i guess its the norm now, we know our data is being collected and once again we feel powerless to do something about it so we ignore it

Link to comment
Share on other sites
caze Grand Master

caze

Posted
Posted

It's not surprising that these tools exist, would be bad if they didn't to be honest (because everyone else has them). The only thing we need to be concerned about is what rules the intelligence agencies have for using them, and whether they're sticking to them. There's probably a reasonable-to-strong chance they're not sticking to the rules of course (I've only skimmed that link maybe they mention that, will probably wait for someone else to do a writeup on it, also I don't trust anything wikileaks says at this point, so it needs independent confirmation).

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Just some snippets that peaked my attention:

 

 

 

"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphone.

 

 

 

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

 

 

 

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

 

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS. After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

 

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

 

The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.

 

 

 

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.

 

 

 

The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware.

 

 

 

Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

 

 

 

CIA 'hoarded' vulnerabilities ("zero days") .... As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.+

 

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.

 

 

 

Cyber 'weapons' are not possible to keep under effective control.

 

While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber 'weapons', once developed, are very hard to retain.

 

Cyber 'weapons' are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.

 

Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.

 

 

 

In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.

The scary stuff is how desensetized we've seem to become by this and have come to accept it as something that the national governments just do.

 

 

Has WikiLeaks already 'mined' all the best stories?

No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They're there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.

Link to comment
Share on other sites
juiceciuj Grand Master

juiceciuj

Posted
Posted

so all that is surely fucked but not surprising except for the car thing which is holy lol fucked. i guess they've been crashing planes for years tho and it's just now getting affordable to crash cars too

Link to comment
Share on other sites
mcbpete Grand Master

mcbpete

Posted
Posted

Just some snippets that peaked my attention:

CIA 'hoarded' vulnerabilities ("zero days") .... As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.+

 

This sounds ... odd (certainly from the Android side of things) .... Google only make a tiny number of Android phones, and the OS itself is open source. Surely those that have rebuilt and maintained/tweaked a custom OS for builds like Cyanogenmod (now Lineage), OmniRom and others would've spotted this ?!
Link to comment
Share on other sites
caze Grand Master

caze

Posted
Posted

All that means is that they've found some vulnerability in the OS, they still need to get the malware that exploits the vulnerability onto the device somehow (e.g. by having physical access to the device), it's not talking about backdoors hidden in the actual OS or anything.

Link to comment
Share on other sites
Silent Member Grand Master

Silent Member

Posted
Posted

Didn't I see a documentary about this last year? Oh right, I did.

Link to comment
Share on other sites
Silent Member Grand Master

Silent Member

Posted
Posted

It's called zero days, it's about stuxnet, but I feel it touched on these issues.

 

My memory is unreliable though, be warned. Either way, the documentary is well worth watching.

Link to comment
Share on other sites
mcbpete Grand Master

mcbpete

Posted
Posted

All that means is that they've found some vulnerability in the OS ...

Again though, given the vast number of super l33t tech h4xx0r folk trawling through the code to port the OS to many many Android platforms I would've thought vulnerabilities would get spotted
Link to comment
Share on other sites
caze Grand Master

caze

Posted
Posted

 

All that means is that they've found some vulnerability in the OS ...

 

Again though, given the vast number of super l33t tech h4xx0r folk trawling through the code to port the OS to many many Android platforms I would've thought vulnerabilities would get spotted

 

 

They do, but they can't find them all, and once new features are added more are bound to crop up. Also, it's entirely possible that some of these vulnerabilities have already been patched, discovered independently of the CIA.

e.g. they can apparently defeat WhatsApp's encryption, but there's a known vulnerability with WhatsApp anyway, so it's probably the same thing.

https://arstechnica.co.uk/security/2017/03/wikileaks-publishes-what-it-says-is-trove-of-cia-hacking-tools/

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.