13 Likes
If the Joe's and the NSA have the same stuff what makes you think you're going to stop the Joe's?
Well at least devs will have access to the tools and patch what needs to be patched. Reverse engineers do your work.
someone hold me. I'm scared.
This is some scary stuff. So there is nothing we can do to protect our privacy and information. One solution might be to unplug your PC and throw it away along with your phone.
Encrypt it. Unless this is saying they've broken PGP, and high grade encryption, etc.
They are just another tool in the security toolbox. Like anything else though, they should not be relied upon by themselves or viewed as uncrackable. It's been proven that there are techniques that can circumvent airgaps.
It's not the Joes I'm worried about, it's Cobra.
C'mon, you left yourself wide open for that one.
4 Likes
If it was an external hack it does beg the question - what kind of tools and spying apparatus that entity has when they can hack the people who can hack everything?
This isn't really anything new when you think about it. If NSA does it, of course the CIA does it as well. It's useful though, because it will help the manufacturers of affected devices to develop security updates.
1 Like
i read a little of it and found that they had problems with comodo (windows firewall ,access monitor) they don't list SElinux or app armour. should we be worried about that?
1984 called, it wants it's plot back.
12 Likes
Maybe it's a reboot, just like Star Wars ep7
https://wikileaks.org/ciav7p1/cms/page_16384684.html
I didnt know configuring your iptables was a crazy hack...
a lot of the material there is setup instructions and beat practices, like any other kind of documentation
1 Like
Wikileaks apparently didn't release everything they were given, for security reasons. So what we're seeing is only a selection.
That means they were either given the tools themselves or the info needed to make/acquire them and they're trying to keep them out of Joe Average's hands.
Oh, obligatory :
3 Likes
A lot of what it says they used is just repurposed or rebranded russian made malware that is easily available online.
Glad to know our agencies employ the best.
1 Like
Yes. And the "others" is equally as frightening as countries.
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
From the press release. "In an unauthorized manner", so possibly not only countries, but also private persons. Which means, likely anyone with contacts and money has the ability to acquire these tools.
3 Likes
With software there are just two possibilities; either the user controls the program or the program controls the users.
The first case is free software because, in order for the users to have effective control of the programs, we need certain freedoms. Those freedoms are the criteria of free software.
If the users don't control the program, then the program controls the users, and the developer controls the program. That means that program is an instrument of unjust power.
~ RMS (time traveller?)
4 Likes
Only if there's source code for the time machine. Gotta be GPLv2.