Wikileaks recently released another treasure trove of information concerning the U.S. Governments powerful hacking tools which it calls “Year Zero”. This potentially takes surveillance right into the homes and pockets of billions of individuals worldwide. Not only affecting household electronics, but also penetrating Apple iPhones and Google Android phones. Google and Apple have the two largest market shares of the smart phone industry worldwide. There are over 1.4 Billion Android users worldwide. These documents outline far reaching capabilities. This is a massive set of documents totaling over 8,700 in all. It includes hacking secrets that have the possibility of embarrassing American and foreign intelligence agencies across the world as well as undermining or killing spying efforts in some circumstances.
Thought you were safe?
Is it time to break out the tin foil hats? Maybe not, but it’s no wonder that those old Nokia phones are making a come back. Many of these attack technologies that have been discussed and blogged about for some time were theoretical. People believed that a smart TV could be turned against you, but no one really believed that the CIA or NSA had actually turned Samsung TVs against their owners. Not only TVs, but routers, smartpones, and Mac and Windows computers. A specialized CIA unit called the Mobile Devices Branch produced the malware that’s able to control and steal information from iPhones. It was this unit who, working with the UK’s MI5, devoloped a tool called “Weeping Angel”. Weeping Angel is the tool that takes over Samsung SmartTVs. It places the TV in the off mode while activating it as a listening device and sending the information to a remote CIA server.
The CIA kept quiet about security vulnerabilities
The CIA found vulnerabilities in products made by Apple, Google, and Microsoft, among others. It kept these vulnerabilities to itself in order to exploit them. This may not sound like a big deal, after all, we would expect an intelligence agency who finds a hole to fully exploit that hole. Here’s the problem, when the CIA finds a security hole in an iPhone’s software that needs patching, and it doesn’t disclose that to Apple, all iPhones stay insecure. Including iPhones belonging to Congress, Congressional staffers, security specialists, intelligence agency staff, US Military, and all those support staff who have access to decision makers who may be targeted.
I’m a big fan of WhatsApp. I use it to stay connected with family in Dominican Republic. It just so happens that terrorists also use to to stay connected with their teams, supporters, and couriers. It’s possible that the app is only as secure as the device itself. If an iPhone can be hacked and the hacker can view what you view, then it doesn’t matter if the encrypted messaging app is safe, your content can be compromised.
The Internet of things can be hacked
The internet of things is a phrase referring to the inter-working of smart devices. That means that an app controls your home’s temperature, the security system, and the lights. It’s a home where you can ask Alexa to give you the news or open the blinds. A home where your refrigerator can recommend a meal depending on what’s inside of it. Is this idea done? After all what possible damage could a smart toaster do? What about a smart television? Well, since it turns out a smart television can be remotely activated to be used as a microphone, it may do significant damage if you value your privacy. I don’t think the idea of smart homes is gone, but I think that this revelation will push people to become more security conscious, even those who have nothing to hide. Also, maybe I don’t need a voice activated toaster.
Is this just the beginning?
Wikileaks says that these 8,700 “Year Zero” documents are just 1% of the “Vault 7” dumps in which Wikileaks claims will be the biggest intelligence publications in history. Wikileaks claims that Year Zero introduces the scope and direction of the CIA’s global covert hacking program.
These 8,700 documents say a lot, but there are a few things it doesn’t say. It doesn’t say that the CIA was spying on Americans, it doesn’t say that any laws were broken or ethical norms violated (we are talking about ethical norms concerning spy agencies), and it doesn’t prove necessarily that any of this has happened, just that the capabilities are there.
Is Julian Assange a hero who has exposed illegal or unethical behavior? Or is he someone who has once again compromised the security of Americans?