
Wikileaks Unveils 'Cherry Blossom' – Wireless Hacking System Used by CIA - Nitishshah700
https://wikileaks.org/vault7/#Cherry
======
jwtadvice
I really hope that Wikileaks:

A. Works with companies to get these vulnerabilities patched. I know that US
media outlets are paid to be hard on Wikileaks when it does this to harm its
reputation, but the campaign of negative publicity is less important overall
than the quality work getting vulnerabilities fixed and for it actually
improves the reputation over the long term with those who are familiar and
closer to the security field.

B. After the vulnerabilities are patched, release the source code and
documentation for these vulnerabilities to expose the companies, techniques
and to corroborate the editing done for the story. The security community will
grow from these examples and the public will have better information about
what companies to avoid.

C. Publish more good journalism about the types of cyber-weapons wielded by
intelligence agencies.

------
jwtadvice
I would really like to know more about the involvement of the Stanford
Research group in enabling these exploits. Speculating on a whim here, but it
wouldn't seem like much research would be needed with the exception of perhaps
either WEP/WPA injection/extension/decryption attacks OR wireless frame
injection attacks that exploit the data link layer.

